Facebook's Security team is looking for an Incident Response Engineer with extensive experience in identifying, scoping, containing and eradicating real-world threats. We advance Facebook's mission of making the world more open and connected by identifying and neutralizing threats that aim to collect sensitive information or disrupt our infrastructure. Candidates are expected to translate their skills into goal oriented projects that improve identification and response time and reduce functional or informational impact when an incident occurs. Those with a desire to just wait for an incident to occur or to 'shoot from the hip' need not apply.
* Further develop our incident response program
Respond to compromised assets (phones, laptops, servers) in our Corporate and Production environments around the world
Identify and execute on projects that improve our intrusion detection and incident response capabilities
Perform research to identify new ways of achieving our mission, with an emphasis on open-sourcing tools or process wherever possible.
* Experience in identifying, analyzing, scoping, containing and eradicating real-world threats
Knowledge of incident response phases and concepts
3+ years experience in developing, responding and analyzing technical security incident response for infrastructure
2+ years Experience in developing intrusion detection techniques with products like Bro, Suricata and SNORT Tools
3+ years experience with networking and Linux.
Experience with scripting and coding. Open source projects or commits.
Facebook is committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or an accommodation due to a disability, you may contact us at firstname.lastname@example.org.
Facebook is a company providing an online social networking service.