Incident Response Engineer Facebook
Seattle, WA

Job Description

Facebook's Security team is looking for an Incident Response Engineer with extensive experience in identifying, scoping, containing and eradicating real-world threats. We advance Facebook's mission of making the world more open and connected by identifying and neutralizing threats that aim to collect sensitive information or disrupt our infrastructure. Candidates are expected to translate their skills into goal oriented projects that improve identification and response time and reduce functional or informational impact when an incident occurs. Those with a desire to just wait for an incident to occur or to 'shoot from the hip' need not apply.

RESPONSIBILITIES

* Further develop our incident response program



Respond to compromised assets (phones, laptops, servers) in our Corporate and Production environments around the world

Identify and execute on projects that improve our intrusion detection and incident response capabilities

Perform research to identify new ways of achieving our mission, with an emphasis on open-sourcing tools or process wherever possible.

MINIMUM QUALIFICATIONS

* Experience in identifying, analyzing, scoping, containing and eradicating real-world threats



Knowledge of incident response phases and concepts

3+ years experience in developing, responding and analyzing technical security incident response for infrastructure

2+ years Experience in developing intrusion detection techniques with products like Bro, Suricata and SNORT Tools

3+ years experience with networking and Linux.

Experience with scripting and coding. Open source projects or commits.

Facebook is committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or an accommodation due to a disability, you may contact us at accommodations-ext@fb.com.