特斯拉Threat Detection & Digital Forensic Intern, Security Intelligence
任职要求
• Currently pursuing a degree in Electrical Engineering, Computer Science,Information Technology, or related field of study with a gradation date between2026 - 2027 • Willing to relocate and work on site in Lingang, Shanghai• Experience with data analysis and visualization tools, such as Excel, Tableau, or Power BI • Strong knowledge of operating systems and mobile systems (Android, iOS). • Experience with software analysis, reverse engineering, or embedded sy…
工作职责
About the Team Tesla's Security Intelligence team is responsible for protecting the company's intellectualproperty of its products, services, and infrastructure from cyber threats. We are a team ofsecurity professionals who are passionate about staying ahead of threats and ensuring thesecurity and integrity of Tesla's systems and data. Responsibilities • Design and implement scalable monitoring processes to ensure detectionmechanisms are functioning as intended and generating actionable insights• Analyze data trends and detection outcomes to continuously improve theperformance and accuracy of risk-based alerting systems • Assist in the collection, processing, and review of electronically storedinformation (ESI) using industry-standard eDiscovery platforms (e.g., Relativity,Logikull, Nuix, Reveal). • Support digital forensics investigations including preservation of evidence, chainof custody documentation, and forensic imaging. • Maintain organized project files, logs, and documentation in compliance withlegal hold and data governance procedures. • Analyze and interpret complex log data to identify relevant information • Collaborate with attorneys, paralegals, and forensic examiners to supporteDiscovery matters.
- Lead the security operations function aligned with organizational goals and risks appetites, and collaborate with other security functional teams to enhance protection measures and overall security posture. - Develop and maintain the organization’s incident response playbooks and security operational runbooks. - Manage outsourced service providers, including intra-group outsourcing arrangements and other third-party vendors. Perform regular evaluations of vendor performance and oversee Service Level Agreements (SLAs). - Ensure high performance, accountability, and compliance from all outsourced providers while optimizing costs. - Lead the organization’s incident response efforts, working closely with internal teams and external partners during security events. - Conduct detailed investigations into security breaches and anomalous activities, and provide insights for remediation and improvement. - Communicate actionable insights and updates on the evolving threat landscape to relevant stakeholders. - Identify and implement new technologies, tools, and methodologies to enhance security operations efficiency and effectiveness. - Provide regular reporting to leadership and other functional heads on security operations metrics and trends.
About The Team The Information Security team is at the core of the Tiger Brokers' trading platform. Comprising passionate engineers from across the globe, the team endeavors to develop the best systems using the most appropriate technologies. The SOC operations function is accountable for planning and overseeing the monitoring and maintenance of security operations, and providing guidance and leadership to internal resources. If you share the passion for cybersecurity, there's no better way to experience it firsthand. Job Description - Monitor and analyze security infrastructure to support detection and response to threats, vulnerabilities, and incidents. - Conduct basic investigations of security events, including malware infections and unauthorized access attempts. - Escalate critical cases to the incident response team and to provide support where needed - Assist in identifying opportunities for tuning to improve detection accuracy and reduce false positives - Handling case management, generating tickets and reports when required, and tracking open tickets until closure - Prepare scheduled and ad-hoc reports
1. 安全战略落地与能力迁移 ○ 基于集团已确立的国际化安全战略,协助制定落地路线图; ○ 协同阿里控股安全团队将国内成熟的基础安全平台能力(如办公安全、生产安全、数据安全等)迁移至国际业务场景,实现“能力出海”。 2. 全球基础安全体系建设 ○ 搭建适配海外市场的基础安全体系,包括访问控制、数据保护、日志审计、威胁监测等; ○ 支撑 Lazada、AliExpress、Miravia等多区域业务的安全能力统一与差异化融合。 3. 产品与平台国际化适配 ○ 推动已有安全能力的国际化重构与组件解耦(语言、部署、合规、接口标准等); ○ 指导控股安全平台产品形成海外通用输出形态,如SaaS化/轻代理/API服务化等。 4. 合规与数据主权落地 ○ 结合各区域法规要求(如GDPR、PDPA、拉美数据法等),推动策略制定与落地执行; ○ 支持数据本地化、跨境流转审计、国际隐私保护机制建设。 5. 全球安全运营能力建设 ○ 协同安全运营团队搭建覆盖多时区、多语言的全球运营体系(轻量SOC、安全工单系统等); ○ 搭建全球威胁情报适配与协同机制,支撑本地事件响应能力。 6. 跨团队协作与团队建设 ○ 与平台(集团安全产技)、业务、安全技术、安全合规、法律、海外运营等团队紧密协作; ○ 参与相关人才梯队建设,为国际安全团队注入全球化能力。 Strategic Execution & Capability Reuse ● Translate group-level global security strategies into actionable execution plans; ● Drive the migration, adaptation, and productization of Alibaba’s core security capabilities (Cloud Infrastrcure, Application and Data Security, etc.) for international business use. Global Security Infrastructure & Architecture ● Build baseline security architectures across markets, including access management, data protection, audit/logging, and threat detection; ● Support regional business security unification while respecting localized needs. Internationalization of Security Products ● Lead internationalization efforts for internal security tools: multi-language support, local deployment architecture, and regional compliance standards; ● Deliver modular, API-driven, and SaaS-compatible security components for overseas platforms. Compliance & Data Sovereignty ● Design and enforce compliance frameworks aligning with GDPR, PDPA, CCPA, and other regional data privacy regulations; ● Support data localization, cross-border flow auditing, and international privacy mechanism design. Security Operations & Threat Response ● Co-build regionalized security operations capabilities (SOC-lite models, incident response playbooks, multilingual ticketing systems); ● Establish globally coordinated threat intel and response mechanisms. Cross-Team & Talent Development ● Work closely with security engineering, platform, legal, compliance, and international operations teams; ● Mentor or hire security professionals with international capabilities and build the foundation of a globally distributed team.
• Response and Resolution: You own, investigate, and solve complex customer technical issues and act as an advisor to the customer, collaborating within and across teams and leveraging troubleshooting tools and practices.• Readiness: You lead in building communities with peer delivery roles and share your knowledge through readiness programs, technical coaching and mentoring of others. • You deepen your technical and professional proficiency to enable you to resolve complex customer issues, through training and readiness.• Product/Process Improvement: You engage with Microsoft Engineering/ Supportability teams to investigate potential product defects and help develop automation techniques and diagnostic tools driving Microsoft product improvements. • Respond to and resolve critical customer issues as part of a 24x7 on-call rotation.