Industrial Security Engineer

At Tesla, we believe that security is a collaborative partnership where we work together to educate, build, and run secure applications and infrastructure. Tesla is continuously pushing the boundaries of innovation in transportation, energy generation and storage, self-driving, AI, hardware, and software. The Industrial Security team is responsible for working with every single team within the company to enable them to build applications and infrastructure with security in mind. There are very few jobs in security that will challenge you like this will.

On this team, one of our key areas of focus is our continuously expanding industrial energy and manufacturing footprint. We are looking for a dynamic and versatile engineer who has an intense fascination with securing these environments. The candidate must have the ability to evolve in terms of technical skill and can rapidly consume security standards, policy, and architecture. While this is a technical role, there is a strong governance, risk, and compliance component.

• Assess, audit, recommend, design, document and improve security solutions and processes for industrial energy and manufacturing process and control network environments.
• Work with product development, service teams and product managers to achieve positive security outcomes.
• Work with detection and operations teams to develop intrusion and prevention processes, techniques, and solutions.
• Implement security architecture, methods, and controls required to meet industry standards, compliance, audit, and regional regulatory requirements.
• Respond to and, when appropriate, resolve or escalate security incidents.
• Develop and maintain documentation for security systems and procedures.
• Investigate and resolve security violations by providing post-mortem analysis to illuminate the issue, and identify causes, possible solutions, and preventative measures.

• Experience in OT/ICS or industrial environments, understanding the unique challenges encountered with critical infrastructure or OT/ICS environments.
• 2-3 years employed in system administration, security, or development.
• Confident with discovering and navigating systems and applications not previously encountered.
• A background in network engineering, architecture and/or security. Solid understanding of L2/L3 networking and architecture. Confident with auditing switches and firewall configurations not previously encountered.
• A background in conducting technical security assessments (e.g., penetration testing, vulnerability assessment) and/or paper-based assessments against set framework, standards, or similar requirements.
• Understanding of industrial standards (e.g., IEC 62443, NIST SP 800-82) and regional regulations (ENISA NIS2, NERC-CIP, AESCSF, UK DER CSCG).
• Understanding of processes and procedures for infrastructure projects (e.g., data centre, corporate, financial, or industrial).
• Ability to work both autonomously and cooperatively with different stakeholders from diverse disciplines.