# Information Security Engineer - Insider Risk
**Company:** [Palantir](https://hotfix.jobs/companies/palantir)
**Location:** New York, NY
**Experience:** 3+ years
**Skills:** Python, PowerShell, SIEM, SOAR, AWS, Azure, Linux, Windows, Forensics, Incident Response
**Posted:** 2026-04-14
> Develops detection strategies and automates workflows to identify insider risks and sophisticated threats. Investigates security events using forensics and requires 3+ years of experience with platforms like AWS/Linux and tools like SIEM/SOAR.
## Job Description
## Core Responsibilities
- Engineer and automate end-to-end detection and investigation workflows, continuously improving Detection and Response infrastructure
- Develop alerting and detection strategies to identify malicious or anomalous behavior, including new and novel defensive techniques that adapt to evolving adversary tactics and tradecraft
- Dissect network, host, memory, and other artifacts originating from multiple operating systems and applications.
- Investigate security events and active attacks across the enterprise, uncovering sophisticated threats and identifying patterns of behavior that indicate insider risk
- Influence and inform security controls designed to safeguard Palantir's most critical assets
- Partner closely with other members of the Information Security team to lead changes in the company's network defense posture.

## What We Value
- Broad exposure to multiple security subject areas, including a strong background in **forensics** or **threat intelligence**
- Deep exposure in **Incident Response** or **Detection Engineering**
- Desire to further the information security community through substantive contributions (e.g. conference talks, blog posts, public tool development, etc.)
- Comfort in operating autonomously and engaging across business levels to advise on security outcomes.

## What We Require
- Extensive security experience (**3+ years**) in at least one major platform (e.g. **AWS**, **Azure**, **Windows**, **OS X**, **Linux**, etc.)
- Proficiency in **Python** (preferred), **PowerShell**, or similar
- Familiarity with endpoint telemetry and log sources from at least one major operating system
- Experience with common **SIEM/SOAR** platforms and proficiency writing queries against security event data
- Active **TS/SCI** security clearance or eligibility to obtain a security clearance.

**Apply:** https://hotfix.jobs/jobs/information-security-engineer-insider-risk-at-palantir-a34696d4-207d-49ef-8a96-549df71dd7d3
**Canonical:** https://hotfix.jobs/jobs/information-security-engineer-insider-risk-at-palantir-a34696d4-207d-49ef-8a96-549df71dd7d3