Information Security Engineer - Endpoint

About this role

Palantir seeks an experienced Information Security Engineer to defend its global Windows and Active Directory infrastructure against sophisticated threats. This role involves designing and operating detection systems, threat hunting, and infrastructure hardening across a 24/7 security operation.

What you'll do

• Own security posture of Palantir's enterprise Windows infrastructure globally
• Develop and maintain detection rules and hunting pipelines for Windows and Active Directory attacks
• Conduct 24/7 prevention, detection, and investigation of security events
• Design and implement Windows hardening strategies and security controls
• Perform threat hunting and adversarial analysis of Windows attack techniques
• Collaborate with security team on incident response and threat intelligence

What they're looking for

• Deep expertise in Windows and Active Directory security
• Proficiency writing detection rules and SIEM queries
• Knowledge of Windows kernel and privilege escalation techniques
• Understanding of Kerberos authentication and anomaly detection
• Experience with threat hunting and adversarial analysis
• Incident response and forensics capabilities
• Infrastructure security and hardening practices
• Security tool development and integration