Security Engineer, Investigations & Response

Meta Security is looking for an Incident Response Engineer with experience in the identification, containment, and mitigation of security incidents. You will be analyzing different data sources to detect, investigate and respond to internal and external threats. You will also be working with our software and production engineering teams to develop scalable systems to automate detection and remediation and help us build the next generation of security operations and response platforms. At Meta, supporting our employees is a core part of how we do business. From our generous benefits to our robust diversity programs, we’re focused on empowering all our employees to live life to the fullest and bring their best selves to work, each and every day. We’re proud of our supportive and inclusive culture and our International Headquarter benefits from over 100 different nationalities. We are dedicated to making Meta welcoming to everyone who comes to work with us and we actively seek to recruit people with different backgrounds and experiences to help us build better products, make better decisions and better serve our clients.

Required Skills

Security Engineer, Investigations & Response Responsibilities:

• Lead security incident response in a cross-functional environment and drive incident resolution
• Develop IR initiatives that improve our capabilities to effectively respond and remediate security incidents
• Perform digital forensic acquisition and analysis of a wide variety of assets including endpoints, mobile, servers and networking equipment
• Perform analysis of logs from a variety of sources (e.g., individual host logs, network traffic logs) to identify potential threats
• Perform root cause analysis and drive implementation of containment and mitigation strategies
• Build automation for response and remediation of malicious activity

Minumum Qualification

Minimum Qualifications:

• 7+ years of experience in Security Incident Response and Detection & Response Engineering
• Bachelor's degree or equivalent experience in Security
• Experience responding to both external and insider threats
• Experience analyzing network and host-based security events
• Knowledge of networking technologies, specifically TCP/IP and the related protocols
• Knowledge of operating systems, file systems, and memory structures on Windows, MacOS and Linux
• Coding/scripting experience in one or more general purpose languages
• Experience with attacker tactics, techniques, and procedures

Preferred Qualification

Preferred Qualifications:

• Background in malware analysis, digital forensics, intrusion detection, and/or threat intelligence
• Experience in threat hunting including leveraging intelligence data to proactively identify and iteratively investigates suspicious behavior across networks and systems
• Experience in host and memory forensics (including live response) for Windows, macOS and Linux
• Broad knowledge across the Security domain, as well as deep focus in one (or more) areas such as Logs and events processing, Incident Management, Digital Forensics, Detection and/or response tool development