Join TuSimple and help change the way the world moves. Together we're making freight transportation safer, more efficient, and more environmentally friendly.
You can apply directly to this role here: it_infosec__information_security_analyst_iii_6f7de0832us@ivy.greenhouse.io
*This position must sit in any state in the Pacific Standard Time Zone*
Company Overview
TuSimple is a fully commercialized autonomous trucking company. As a multi-national Artificial Intelligence Technology Company, we are at the epicenter of the Autonomous Vehicle Universe. Our breakthroughs are leading the industry in autonomous trucking.
While inventing the framework of Autonomous Driving, our live fleet of autonomous trucks has fully evolved land freight. TuSimple is leading the way by hiring the most talented researchers, engineers, and scientists.
TuSimple was founded half a decade ago with the goal of bringing the top minds in the world together to achieve the dream of a driverless truck solution. With a foundation in computer vision, algorithms, mapping, and Artificial Intelligence, TuSimple has created the first commercially viable Autonomous Freight Network.
Opportunity Overview:
The Information Security Analyst III is a member of TuSimple’s Security Operations Center (SOC) who monitors the organization’s entry channels to ensure the business is safeguarded against internal and external threats. They function both reactively and proactively and help bolster security processes, procedures, and policies. Additionally, the Information Security Analyst III assists with/conducts routine audits, performs risk assessments, and plays a key role in incident response situations.
The Information Security Analyst III is an active collaborator and an effective communicator. They find gaps, solve problems, thrive under pressure, and have an unrelenting drive to achieve and maintain optimal levels of security.
Role Responsibilities
- Helps Entry/Junior analysts with security events from the various Security Operations Center (SOC) entry channels (SIEM, Tickets, Email, and Phone) and runs the incident if necessary. Collaborates with other seniors / TLM if necessary to perform further investigation and resolution.
- Recommends enhancements to SOC security process, procedures, and policies.
- Performs network security monitoring and incident response; maintains records of security monitoring and incident response activities.
- Conducts security assessments of IT infrastructure, enterprise applications, and production systems.
- Performs vulnerability scans, analysis, reporting and subsequent remediation actions.
- Performs weekly auditing/monitoring activities for anomalous or security relevant events.
- Assists with monitoring and testing the deployment of security infrastructure to ensure its full deployment and effectiveness.
- Investigates, triages and assists in the containment of all potential cybersecurity incidents.
- Conducts 3rd-party vendor risk assessments.
- Monitors and analyzes Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), and Security Information and Event Management (SIEM).
- Creates, modifies, and updates IDS, IPS, and SIEM rules.
- Recognizes potential, successful, and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event detail and summary information.
- Efficiently and effectively evaluates and deconstructs malware.
- Consolidates and analyzes large sets of data in order to discover indications of compromise (Threat Hunting).
- Assists with implementation of counter-measures or mitigating controls.
- Creates and maintains Playbooks, and undertakes automation building (XSOAR).
- Establishes and maintains strong working relationships across the organization.
Experience & Skills Required
- 3-5 years previous Security Operations Center experience (preferred) or 2-3 years Security Engineering experience with previous SOC experience.
- Experience in conducting security investigations
- Working knowledge of multiple operating systems and system administration skills (Windows, OSX, Linux)
- Strong knowledge of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, EDR
- Demonstrated understanding of security incident management, malware management and vulnerability management processes
- Experience with web content filtering technology, policy engineering, and troubleshooting
- Strong working knowledge of operating systems and network security principles (i.e. TCP/IP, WANs, LANs, and commonly used Internet protocols such as SMTP, HTTP, FTP, POP, LDAP)
- Prior experience working with vulnerability scanning tools.
- Past experience using industry standard or open source vulnerability scanning or security patching tools.
- Strong working knowledge and experience with access control systems like Single Sign On (SSO), Active Directory and other IAM systems.
- Demonstrated experience using Security Orchestration, Automation, and Response (SOAR) tools (Demisto, Phantom, InsightConnect)
- Well-developed skills that enable effective risk and issue detection, assessment and resolution.
TuSimple Benefits
- 100% employer-paid healthcare premiums for you and your family
- Work visa sponsorship available
- Breakfast, lunch, and dinner served every day
- Full kitchens on every floor with unlimited snacks, drinks, special treats, fruits, meals, and more
- Gym membership reimbursement
- Learning/education budget
- Employer-paid life insurance
- Employer-paid long and short disability
TuSimple is an Equal Opportunity Employer. This company does not discriminate in employment and personnel practices on the basis of race, sex, age, handicap, religion, national origin, or any other basis prohibited by applicable law. Hiring, transferring and promotion practices are performed without regard to the above-listed items.