Job Details
Meta Security is looking for a Security Engineer with experience in threat modeling, TTP identification, and detection engineering. You'll work alongside Software Engineers and Offensive Security Engineers to identify critical assets, assess the top risks, and evaluate potential attacks against Meta systems. You will be working across engineering teams supporting Production and Corporate systems to develop detection and response automation leveraging both industry-standard and custom detection and response platforms. You'll generate detection ideas utilizing some of the world's largest data sets and build on top of hyper-scale data pipelines.Security Engineer - Surface Coverage, Detection Engineering ResponsibilitiesLead cross-functional projects to improve our capabilities to effectively detect and respond to security incidentsReview security architecture of large-scale custom and commercial systems and independently propose logging, detection and prevention controlsPerform TTP-based Threat Modeling for a wide variety of assets including endpoints, mobile, servers, internal services, public & private cloud environments and networking equipmentPerform analysis against logs from a variety of sources (e.g., individual host logs, network traffic logs) to identify potential threats and detection ideasBuild response workflows and actions that auto-resolve false positives and provide context scaling our ability to investigateSupport security incident response in a cross-functional environment and drive incident resolutionDesign and implement attack testing automation to validate detection coverageBuild logging pipelines using our custom datasets and infrastructureMinimum Qualifications5+ years of experience in Detection & Response Engineering or similar Security Engineering roleExperience building complex automations and integrations using SOAR platformsBachelor's degree or equivalent experience in SecurityExperience designing systems used for responding to both external and insider threatsExperience analyzing network and host-based security eventsKnowledge of networking technologies, specifically TCP/IP and the related protocolsKnowledge of operating systems, file systems, and memory structures on Windows, MacOS and LinuxCoding/scripting experience in one or more general purpose languagesExperience with attacker tactics, techniques, and proceduresPreferred QualificationsBackground in security-focused software engineering, designing large scale systems and data pipelines, or offensive securityExperience in threat hunting including leveraging intelligence data to proactively identify and iteratively investigates suspicious behavior across networks and systemsBroad knowledge across the Security domain, as well as deep focus in one (or more) areas such as Logs and events processing, Incident Management, Digital Forensics, Offensive Security Testing, Detection and/or Response tooling developmentStart preparing Learn about how to prepare for your interview with our interview guide, tips, and interactive experiences. Visit interview prep