What To Expect
The Internal Audit team's mission is to call attention to risks and drive actions to address those risks to protect Tesla. The team partners with IT, Engineering, and Information Security/Privacy groups to identify areas of risk and make valuable recommendations on standardization of processes and controls.
Tesla is seeking an experienced cybersecurity auditor to plan, execute, lead, and report on operational, information security, and technical transformation audits. This position is responsible for leading complex activities associated with completing technical security assessments (audits), as well as performing other short-term projects to provide recommendations on standardizing controls within corporate, product, and manufacturing IT environments.
What You'll Do
Lead in-depth cybersecurity audits, evaluating network security, firewalls, IDS/IPS, ZIA/ZTA, endpoint security controlsInteract extensively with IT, InfoSec, and Engineering teams and be comfortable executing projects in areas of product security, data security, vulnerability management, end point security, and/or network securityConduct vulnerability assessments and penetration testing (controls stress test), identifying and addressing security gaps in applications, and cloud/hosted infrastructureEvaluate the effectiveness of cybersecurity monitoring and incident response practices, including SIEM, threat intelligence, and forensic capabilitiesAssess identity and access management (IAM) systems to measure the effective role-based access control (RBAC), authentication, and privileged access management (PAM) controlsCollaborate with cybersecurity and engineering functions to ensure audit findings drive improvements in security posture and threat detection capabilities for Tesla products and services
What You'll Bring
6+ years of years of demonstrated real world experience performing technical security assessments and/or penetration testingStrong understanding of cybersecurity frameworks (NIST, ISO 27001), compliance standards, and advanced attack vectorsAbility to conduct and lead penetration testing audits, vulnerability and/or threat assessments, and present risks to technical and non-technical stakeholdersProficiency in any of the following: PowerShell Empire, SPLUNK, Metasploit Framework, Cobalt Strike, Burp Suite, Canvas, Kali Linux, IPTables, Sysinternals, A/V evasion methodologies, Exploit DevKnowledge of exploitation concepts including phishing and social engineering tactics, buffer overflows, fuzzing, SQLi, MiTM, covert channels, secure tunneling and open-source exfiltration techniquesBachelor’s Degree in MIS or equivalent experienceAt least one professional certification required such as CISSP, GPEN, OSCP or other applicable professional certification
Benefits
Compensation and Benefits
Along with competitive pay, as a full-time Tesla employee, you are eligible for the following benefits at day 1 of hire:
Aetna PPO and HSA plans > 2 medical plan options with $0 payroll deduction Family-building, fertility, adoption and surrogacy benefits Dental (including orthodontic coverage) and vision plans, both have options with a $0 paycheck contribution Company Paid (Health Savings Account) HSA Contribution when enrolled in the High Deductible Aetna medical plan with HSA Healthcare and Dependent Care Flexible Spending Accounts (FSA) LGBTQ+ care concierge services 401(k) with employer match, Employee Stock Purchase Plans, and other financial benefits Company paid Basic Life, AD&D, short-term and long-term disability insurance Employee Assistance Program Sick and Vacation time (Flex time for salary positions), and Paid Holidays Back-up childcare and parenting support resources Voluntary benefits to include: critical illness, hospital indemnity, accident insurance, theft & legal services, and pet insurance Weight Loss and Tobacco Cessation Programs Tesla Babies program Commuter benefits Employee discounts and perks program
Expected Compensation
$80,000 - $228,000/annual salary + cash and stock awards + benefits
Pay offered may vary depending on multiple individualized factors, including market location, job-related knowledge, skills, and experience. The total compensation package for this position may also include other elements dependent on the position offered. Details of participation in these benefit plans will be provided if an employee receives an offer of employment.
, Tesla
