# Defensive Security Analyst

**Company:** [Palantir](https://hotfix.jobs/companies/palantir)
**Location:** Washington, DC
**Role:** Security Engineering
**Skills:** SIEM, AWS, PowerShell, Python, Bash, Incident Response, Digital Forensics, Malware Analysis, Log Analysis, Penetration Testing
**Posted:** 2026-01-08

> Manages SOC systems to detect, contain, and eradicate threats. Develops detection strategies, performs forensics and hunt operations, requiring SOC experience, scripting skills (Python, PowerShell, Bash), and TS/SCI clearance.

## Job Description

## Core Responsibilities
- Build, run, and own infrastructure and automation to detect, contain, and eradicate security threats.
- Develop alerting and detection strategies to identify malicious or anomalous behavior.
- Develop comprehensive and accurate reports and presentations for both technical and executive audiences.
- Develop new and novel defensive techniques to identify or counteract changes in adversary techniques and tactics.
- Dissect network, host, memory, and other artifacts originating from multiple operating systems and applications.
- Perform enterprise-wide operations to uncover sophisticated and undetected threats.
- Partner closely with other members of the Information Security team to lead changes in the company's network defense posture.
- Provide expertise in a supporting capacity for incident response activities and digital forensics state preservation, including the capture and preservation of system logs, volatile memory captures, and hard drive (physical or virtual) image captures.
- Conduct host forensics, network forensics, log analysis, and malware triage in support of hunt operations.
- Interface with client contact(s) and staff in a constructive and professional manner.
- Utilize common forensic and incident response tools.

## What We Value
- Knowledge of operating and maintaining a SIEM.
- Knowledge of cloud architectures, particularly AWS.
- Experience in penetration testing.
- Ability to quickly learn new technologies and have an ongoing desire to stay current with the latest technologies.
- Ability to train others on the use of forensic and incident response techniques and tools.

## What We Require
- TS/SCI Clearance.
- Established experience in operating in SOC environment, either through relevant experience or qualifications.
- Experience with programming or scripting languages such as PowerShell, Python, and Bash.

## Similar roles

- [Insider Threat Engineer](https://hotfix.jobs/jobs/bc8b5e01-3df2-4688-8776-c6cef3290d6c) - Cloudflare
- [Cloud Infrastructure Security Engineer](https://hotfix.jobs/jobs/c1242456-9dcd-4b44-b9cb-d19a59d3edac) - Runpod - Remote - $152k – $175k/yr
- [Full Stack Security Engineer](https://hotfix.jobs/jobs/8663cf4e-df75-4318-9410-189edd5593cc) - Runpod - Remote - $152k – $175k/yr
- [Engineering Manager, Agent & Product Security](https://hotfix.jobs/jobs/a65139d7-9502-4319-9abd-28bc7fa9e6b2) - Cursor - New York, NY
- [Security Program Manager](https://hotfix.jobs/jobs/e7f7fcaf-1979-4194-9131-83689809fe47) - Forus - New York, NY

**Apply:** https://hotfix.jobs/jobs/0a7d2577-e1ff-4a7d-bd83-adb741a39444
**Canonical:** https://hotfix.jobs/jobs/0a7d2577-e1ff-4a7d-bd83-adb741a39444