Detection & Response Security Engineer, Threat Intelligence

Summary:

Meta Security is looking for a threat intelligence investigator with extensive experience in investigating cyber threats with an intelligence-driven approach. You will be proactively responding to a broad set of security threats, as well as tracking actor groups with an interest or capability to target Meta and its employees. You will also be identifying the gaps in current detections and preventions by long-term intelligence tracking and research, and working with cross-functional stakeholders to improve Meta's security posture. You will help the team establish, lead and execute multi-year roadmaps that improve research efficiency and quality across the team, and drive improvements to stakeholder management across a broad range of intelligence requirements.

Required Skills:

Detection & Response Security Engineer, Threat Intelligence Responsibilities:

1. Influence and align the team's vision and strategy. Collaboratively prioritize and deliver specific multi-year roadmaps and projects

2. Build, cultivate, and maintain impactful relationships with intelligence stakeholders to identify and facilitate solutions to increase the impact of the team's work

3. Refine operational metrics, key performance indicators, and service level objectives to measure Intelligence research and services

4. Lead cross-functional projects to improve the security posture of Meta's infrastructure, such as red team operations, surface detection coverage expansion and vulnerability management discussions

5. Track threat clusters posing threats to Meta's infrastructure and employees, and identify, develop and implement countermeasures on our corporate network

6. Investigate, mitigate, and forecast emerging technical trends and communicate effectively with actionable suggestions to different types of audiences

7. Work closely with incident responders to provide useful and timely intelligence to enrich ongoing investigations

8. Improve the tooling of threat cluster tracking and intelligence data integration to existing systems

Minimum Qualifications:

Minimum Qualifications:

9. 8+ years threat intelligence experience

10. B.S. or M.S. in Computer Science or related field, or equivalent experience

11. Be a technical and process subject matter expert regarding Security Operations and Threat Intelligence services

12. Experience developing and delivering information on threats, incidents and program status for leadership

13. Expertise with campaign tracking techniques and converting tracking results to long term countermeasures

14. Expertise with threat modeling frameworks, such as Diamond Model or/and MITRE ATT&CK framework

15. Experience intelligence-driven hunting to spot suspicious activities in the network and identify potential risks

16. Proven track record of managing and executing on short term and long term projects

17. Ability to work with a team spanning multiple locations/time zones

18. Ability to prioritize and execute tasks with minimal direction or oversight

19. Ability to think critically and qualify assessments with solid communications skills

20. Coding or scripting experience in one or more scripting languages such as Python or PHP

Preferred Qualifications:

Preferred Qualifications:

21. Experience recruiting, building, and leading technical teams, including performance management

22. Experience close collaborating with incident responders on incident investigations

23. Experience in threat hunting including leveraging intelligence data to proactively identify and iteratively investigates suspicious behavior across networks and systems

24. Familiarity with malware analysis or network traffic analysis

25. Familiarity with nation-state, sophisticated criminal, or supply chain threats

26. Familiarity with file-based or network-based rules and signatures for detection and tracking of complex threats, such as YARA or Snort

27. Experience in one or more query languages such as SQL

28. Experience authoring production code for threat intelligence tooling

29. Experience conducting large scale data analysis

30. Experience working across the broader security community

Public Compensation:

$177,000/year to $251,000/year + bonus + equity + benefits

Industry: Internet

Equal Opportunity:

Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment.

Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.