What you'd actually do

Perform full-scope security reviews of our current and future product and service portfolio.

Be the security subject matter expert for product architects and engineers.

Own transformational security initiatives that impact the whole company.

Finding new and novel ways to identify and resolve security vulnerabilities in our products.

Skills

Required

Development or software engineering experience
Deep passion for information security
Experience with a modern high-level programming language (e.g. Java, Golang, Javascript, Python, etc.)
Demonstrated experience evaluating code for vulnerabilities and weaknesses
Experience with complex architectures and codebases (e.g. SOA or micro-services)
Experience utilizing/with CodeQL or other static code analysis platforms
Experience performing black-box testing of web applications

Nice to have

Curiosity
Tenacity
Drive to be a world-class security engineer
Self motivated
Experience in solving complex problems
History and experience designing and shipping production-ready software
Strong communication and collaboration skills
Ability to learn and apply new technologies quickly and in complex deployments

What the JD emphasized

advanced persistent threats

mission-critical information

mission-critical work

secure-by-default

security reviews

security subject matter expert

security initiatives

security automation

security problems

security improvements

security engineer

software engineering experience

information security

code for vulnerabilities

complex architectures

static code analysis

black-box testing

A World-Changing Company

Palantir builds the world’s leading software for data-driven decisions and operations. By bringing the right data to the people who need it, our platforms empower our partners to develop lifesaving drugs, forecast supply chain disruptions, locate missing children, and more.

The Role

Our products support some of the most important and impactful work in the world, including defense, intelligence, and commercial applications. We are trusted by our customers to protect their mission-critical information in the face of advanced persistent threats. The mission of the Application Security Team is to enable developers to be highly productive, agile, and produce the most secure software possible. Given the mission critical work that Palantir does, investments in application security have never been more important.

As an Application Security Engineer, you will be hands-on and have wide-ranging impact for the security of Palantir:

• Product security reviews. You will perform full-scope security reviews of our current and future product and service portfolio. This includes whitebox, greybox, and blackbox assessments. You will work with offensive security teams, engineering teams, and other members of the InfoSec organization to harden our products against our dedicated adversaries.

• Architecture and design. You will be the security subject matter expert for product architects and engineers. You will threat model, assess risks, and help implement security controls and mitigations to address identified issues. You will directly steer the design of our products to ensure we are secure-by-default.

• Strategic security initiatives. You will be empowered to own transformational security initiatives that impact the whole company. Members of the Application Security Team have implemented software supply chain security controls (e.g., in-toto), implemented hardware-backed GPG key signing for commits, developed new security services, implemented security automation, or worked on massive-scale security problems.

• **Vulnerability identification and analysis. **You will be responsible for finding new and novel ways to identify and resolve security vulnerabilities in our products. This includes static and dynamic code analysis, security scanning, investigation of security reports from InfoSec, our bug bounty program, or other trusted partners, and direct work with our incident response team on product security issues and incidents.

This role has wide-reaching impact, strong autonomy, and the resources and empowerment to make significant security improvements across all Palantir. The skills and background of successful candidates may vary highly, but curiosity, tenacity, and a drive to be a world-class security engineer are the underpinnings of our team.

Core Responsibilities

Perform deep architecture and security reviews on highly complex products to identify vulnerabilities
Lead engineering teams in feature design, threat modeling, and security-critical code and architecture
Develop and implement automation to eliminate entire classes of weaknesses across the organization
Drive decision-making by determining the tradeoffs between security and product design
Lead implementation of strategic security initiatives that improve security across Palantir

What We Value

Self motivated, experience in solving complex problems
History and experience designing and shipping production-ready software
Strong communication and collaboration skills who feels comfortable working closely with engineering teams
Ability to learn and apply new technologies quickly and in complex deployments

What We Require

Development or software engineering experience and a deep passion for information security
Experience with a modern high-level programming language (e.g. Java, Golang, Javascript, Python, etc.)
Demonstrated experience evaluating code for vulnerabilities and weaknesses
Experience with complex architectures and codebases (e.g. SOA or micro-services)
Experience utilizing/with CodeQL or other static code analysis platforms
Experience performing black-box testing of web applications

Salary

The estimated salary range for this position is estimated to be $135,000 - $200,000/year. Total compensation for this position may also include Restricted Stock units, sign-on bonus and other potential future incentives. Further note that total compensation for this position will be determined by candidate’s relevant qualifications, work experience, skills, and other factors. This estimate excludes the value of any potential sign-on bonus; the value of any benefits offered; and the potential future value of any long-term incentives.

Our benefits aim to promote health and wellbeing across all areas of Palantirians’ lives. We work to continuously improve our offerings and listen to our community as we design and update them. The list below details our available benefits and some of the perks that can be enjoyed as an employee of Palantir Technologies.

Benefits

• Employees (and their eligible dependents) can enroll in medical, dental, and vision insurance as well as voluntary life insurance

• Employees are automatically covered by Palantir’s basic life, AD&D and disability insurance

• Commuter benefits

• Relocation assistance

• Take what you need paid time off, not accrual based

• 2 weeks paid time off built into the end of each year (subject to team and business needs)

• 10 paid holidays throughout the calendar year

• Supportive leave of absence program including time off for military service and medical events

• Paid leave for new parents and subsidized back-up care for all parents

• Fertility and family building benefits including but not limited to adoption, surrogacy, and preservation

• Stipend to help with expenses that come with a new child

• Employees can enroll in Palantir’s 401k plan

Life at Palantir

We want every Palantirian to achieve their best outcomes, that’s why we celebrate individuals’ strengths, skills, and interests, from your first interview to your longterm growth, rather than rely on traditional career ladders. Paying attention to the needs of our community enables us to optimize our opportunities to grow and helps ensure many pathways to success at Palantir. Promoting health and well-being across all areas of Palantirians’ lives is just one of the ways we’re investing in our community. Learn more at Life at Palantir and note that our offerings may vary by region.

In keeping consistent with Palantir’s values and culture, we believe employees are “better together” and in-person work affords the opportunity for more creative outcomes. Therefore, we encourage employees to work from our offices to foster connectivity and innovation. Many teams do offer hybrid options (WFH a day or two a week), allowing our employees to strike the right trade-off for their personal productivity. Based on business need, there are a few roles that allow for “Remote” work on an exceptional basis. If you are applying for one of these roles, you must work from the state in which you are employed. If the posting is specified as Onsite, you are required to work from an office.

If you want to empower the world's most important institutions, you belong here. Palantir values excellence regardless of background. We are proud to be an Equal Opportunity Employer for all, including but not limited to Veterans and those with disabilities. Palantir is committed to making the application and hiring process accessible to everyone and will provide a reasonable accommodation for those living with a disability. If you need an accommodation for the application or hiring process_, _please reach out and let us know how we can help.

Please note that you will never be asked to submit a payment or share financial information to participate in our interview process. If you suspect that you've been contacted by a scammer, we recommend you cease all communication with the individual and consider reporting them to the relevant authorities, such as the US FBI Internet Crime Complaint Center (IC3).

If you would like to understand more about how your personal data will be processed by Palantir, please see our Privacy Policy.