Defensive Security Analyst

A World-Changing Company Palantir builds the world’s leading software for data-driven decisions and operations. By bringing the right data to the people who need it, our platforms empower our partners to develop lifesaving drugs, forecast supply chain disruptions, locate missing children, and more. The Role As a Defensive Security Analyst, you are responsible for the security of Palantir’s people and infrastructure around the globe. Your technical expertise is second only to your integrity and real passion for security and technology in general. Our ideal candidate works well on a team, is highly motivated, and enjoys solving problems and taking on new challenges. In this role, you'll independently manage SOC systems that are essential to our security posture, ensuring they are properly engineered, maintained, and monitored. Salary The estimated salary range for this position is estimated to be $145,000 - $200,000/year. Total compensation for this position may also include Restricted Stock units, sign-on bonus and other potential future incentives. Further note that total compensation for this position will be determined by each individual’s relevant qualifications, work experience, skills, and other factors. This estimate excludes the value of any potential sign-on bonus; the value of any benefits offered; and the potential future value of any long-term incentives. Our benefits aim to promote health and wellbeing across all areas of Palantirians’ lives. We work to continuously improve our offerings and listen to our community as we design and update them. The list below details our available benefits and some of the perks that can be enjoyed as an employee of Palantir Technologies. Benefits •  Employees (and their eligible dependents) can enroll in medical, dental, and vision insurance as well as voluntary life insurance •  Employees are automatically covered by Palantir’s basic life, AD&D and disability insurance •  Commuter benefits •  Relocation assistance •  Take what you need paid time off, not accrual based •  2 weeks paid time off built into the end of each year (subject to team and business needs) •  10 paid holidays throughout the calendar year •  Supportive leave of absence program including time off for military service and medical events •  Paid leave for new parents and subsidized back-up care for all parents •  Fertility and family building benefits including but not limited to adoption, surrogacy, and preservation •  Stipend to help with expenses that come with a new child •  Employees can enroll in Palantir’s 401k plan Life at Palantir We want every Palantirian to achieve their best outcomes, that’s why we celebrate individuals’ strengths, skills, and interests, from your first interview to your longterm growth, rather than rely on traditional career ladders. Paying attention to the needs of our community enables us to optimize our opportunities to grow and helps ensure many pathways to success at Palantir. Promoting health and well-being across all areas of Palantirians’ lives is just one of the ways we’re investing in our community. Learn more at Life at Palantir and note that our offerings may vary by region. In keeping consistent with Palantir’s values and culture, we believe employees are “better together” and in-person work affords the opportunity for more creative outcomes. Therefore, we encourage employees to work from our offices to foster connectivity and innovation. Many teams do offer hybrid options (WFH a day or two a week), allowing our employees to strike the right trade-off for their personal productivity. Based on business need, there are a few roles that allow for “Remote” work on an exceptional basis. If you are applying for one of these roles, you must work from the state in which you are employed. If the posting is specified as Onsite, you are required to work from an office. If you want to empower the world's most important institutions, you belong here. Palantir values excellence regardless of background. We are proud to be an Equal Opportunity Employer for all, including but not limited to Veterans and those with disabilities. Palantir is committed to making the application and hiring process accessible to everyone and will provide a reasonable accommodation for those living with a disability. If you need an accommodation for the application or hiring process, please reach out and let us know how we can help. Please note that you will never be asked to submit a payment or share financial information to participate in our interview process. If you suspect that you've been contacted by a scammer, we recommend you cease all communication with the individual and consider reporting them to the relevant authorities, such as the US FBI Internet Crime Complaint Center (IC3). If you would like to understand more about how your personal data will be processed by Palantir, please see our Privacy Policy. Core Responsibilities Build, run, and own infrastructure and automation to detect, contain, and eradicate security threats Develop alerting and detection strategies to identify malicious or anomalous behavior Develop comprehensive and accurate reports and presentations for both technical and executive audiences Develop new and novel defensive techniques to identify or counteract changes in adversary techniques and tactics Dissect network, host, memory, and other artifacts originating from multiple operating systems and applications Perform enterprise-wide operations to uncover sophisticated and undetected threats Partner closely with other members of the Information Security team to lead changes in the company's network defense posture Provide expertise in a supporting capacity for incident response activities and digital forensics state preservation, including the capture and preservation of system logs, volatile memory captures, and hard drive (physical or virtual) image captures Conduct host forensics, network, forensics, log analysis, and malware triage in support of hunt operations Interface with client contact(s) and staff in a constructive and professional manner Utilize common forensic and incident response tools What We Value Knowledge of operating and maintaining a SIEM Knowledge of cloud architectures, particularly AWS Experience in penetration testing Ability to quickly learn new technologies and have an ongoing desire to stay current with the latest technologies Ability to train others on the use of forensic and incident response techniques and tools What We Require TS/SCI Clearance Established experience in operating in SOC environment, either through relevant experience or qualifications Experience with programming or scripting languages such as PowerShell, Python, and Bash Willingness and ability to commute to our Georgetown office within one hour when on-call

{
  "content_hash": "f18b0d8470921037dbca59c074eee4bf819f51f84543c04af0ec12513be28af0",
  "source_hash": "f57604861c9baf2437ae91f1e4e559aa2b40f3e4bf9de0a5123b1b1eac79b6f7",
  "last_changed_at": "2026-05-29T07:11:46.777Z",
  "active_status": "active"
}

{
  "language": "en",
  "location": {
    "raw": "Washington, D.C.",
    "city": "Washington",
    "region": null,
    "country": "United States",
    "is_remote": false,
    "confidence": 0.9
  },
  "salary_max": 200000,
  "salary_min": 145000,
  "inferred_at": "2026-06-06T19:07:37.268Z",
  "launch_scope": {
    "reason": "english_us_canada",
    "included": true,
    "language": "en",
    "location": {
      "raw": "Washington, D.C.",
      "city": "Washington",
      "region": null,
      "country": "United States",
      "is_remote": false,
      "confidence": 0.9
    },
    "countries": [
      "United States"
    ]
  },
  "remote_policy": null,
  "salary_period": "year",
  "workplace_type": "on_site",
  "salary_currency": "USD"
}

{}

{
  "lists": [
    {
      "text": "Core Responsibilities",
      "content": "\n<li>Build, run, and own infrastructure and automation to detect, contain, and eradicate security threats</li>\n<li>Develop alerting and detection strategies to identify malicious or anomalous behavior</li>\n<li>Develop comprehensive and accurate reports and presentations for both technical and executive audiences</li>\n<li>Develop new and novel defensive techniques to identify or counteract changes in adversary techniques and tactics</li>\n<li>Dissect network, host, memory, and other artifacts originating from multiple operating systems and applications</li>\n<li>Perform enterprise-wide operations to uncover sophisticated and undetected threats</li>\n<li>Partner closely with other members of the Information Security team to lead changes in the company's network defense posture</li>\n<li>Provide expertise in a supporting capacity for incident response activities and digital forensics state preservation, including the capture and preservation of system logs, volatile memory captures, and hard drive (physical or virtual) image captures</li>\n<li>Conduct host forensics, network, forensics, log analysis, and malware triage in support of hunt operations</li>\n<li>Interface with client contact(s) and staff in a constructive and professional manner</li>\n<li>Utilize common forensic and incident response tools</li>\n"
    },
    {
      "text": "What We Value",
      "content": "\n<li>Knowledge of operating and maintaining a SIEM</li>\n<li>Knowledge of cloud architectures, particularly AWS</li>\n<li>Experience in penetration testing</li>\n<li>Ability to quickly learn new technologies and have an ongoing desire to stay current with the latest technologies</li>\n<li>Ability to train others on the use of forensic and incident response techniques and tools</li>\n"
    },
    {
      "text": "What We Require",
      "content": "\n<li>TS/SCI Clearance</li>\n<li>Established experience in operating in SOC environment, either through relevant experience or qualifications</li>\n<li>Experience with programming or scripting languages such as PowerShell, Python, and Bash</li>\n<li>Willingness and ability to commute to our Georgetown office within one hour when on-call</li>\n"
    }
  ],
  "country": "US",
  "createdAt": 1767873118513,
  "updatedAt": null,
  "categories": {
    "team": "Information Security",
    "location": "Washington, D.C.",
    "commitment": "Full-time",
    "allLocations": [
      "Washington, D.C."
    ]
  },
  "salaryRange": null,
  "workplaceType": "onsite"
}