Security Engineer - IR Threat Intelligence
META
Job Description
Summary
Meta Security is looking for a threat intelligence investigator with extensive
experience
in investigating cyber threats with an intelligence-driven approach. You will be proactively responding to a broad set of security threats, as well as tracking actor groups with an interest or capability to target Meta and its employees. You will also be identifying the gaps in current detections and preventions by long-term intelligence tracking and research, and working with cross-functional stakeholders to improve Meta's security posture.
Required Skills
Security Engineer - IR Threat Intelligence
Responsibilities
Track threat clusters posing threats to Meta's infrastructure and employees, and identify, develop and implement countermeasures on our corporate network Investigate, mitigate, and forecast emerging technical trends and communicate effectively with actionable suggestions to different types of audiences Work closely with incident responders to provide useful and timely intelligence to enrich ongoing investigations Improve the tooling of threat cluster tracking and intelligence data integration to existing systems Engage constructively in cross-functional projects to improve the security posture of Meta's infrastructure, such as red team operations, surface detection coverage expansion and vulnerability management discussions
Minimum Qualifications
Minimum Qualifications
5 years threat intelligence
experience
Bachelor's degree or equivalent
experience
in Security Familiarity with campaign tracking techniques and ability to convert the tracking results to long term countermeasures Familiarity with threat modeling framework, such as Diamond Model or/and MITRE ATT&CK framework
Experience
intelligence-driven hunting to spot suspicious activities in the network and identify potential risks Proven track record of managing and executing on short term and long term projects Ability to work with a team spanning multiple locations/time zones Ability to prioritize and execute tasks with minimal direction or oversight Ability to think critically and qualify assessments with solid communications
skills
Coding or scripting
experience
in one or more scripting languages such as Python or PHP
Preferred Qualifications
Preferred Qualifications
Experience
close collaborating with incident responders on incident investigations Familiarity with malware analysis or network traffic analysis Familiarity with nation-state, sophisticated criminal, or supply chain threats Production of file-based or network-based rules and signatures for detection and tracking of complex threats, such as YARA or Snort
Experience
in one or more query languages such as SQL
Experience
writing production code for threat intelligence tooling
Experience
conducting large scale data analysis
Experience
working across the broader security community Public
Compensation
54,000/year to 17,000/year bonus equity
benefits
Industry: Internet Equal Opportunity: Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law.
Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process.
If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@meta.com.