Security Engineer, Incident Manager Facebook
Seattle, WA

Job Description

Facebook's Security team is looking for Security Engineer, Incident Managers with extensive experience in identifying, scoping, containing, and eradicating real-world threats. We advance Facebook's mission to "give people the power to build community and bringing the world closer together" making the world more open and connected by identifying and neutralizing threats that aim to collect sensitive information or disrupt our infrastructure and platform.

A successful candidate will set the bar for excellence in rapid response and investigation by driving resolution on complex or severe security incidents. In doing this work, they are required to accurately triage, assess severity and impact, build cross-functional virtual response teams, resolve conflicts and remove roadblocks. They are bridge-builders across the organization and exert influence without authority. They are leaders in a crisis.

They will also improve the efficiency of Facebook's Incident Response needs by scaling forensics processing, data analysis, and incident management for a global company and its subsidiaries.

RESPONSIBILITIES

* Manage complicated security incidents ranging from malware infestations to data breaches on a range of infrastructure.



Together with your engineering team, you will share an on-call rotation and be the initial escalation contact for security incidents.

Identify and scope projects that will deliver high impact advances in tooling, hardware, and workflow that improve our intrusion detection and incident response capabilities. Then work with the team and cross-functional partners to make them come true.

Perform research to identify new ways of achieving our mission, with an emphasis on using open-source tools or process wherever possible.

Develop excellence in Incident Response by preparing teams across Facebook through partnerships, exercises, and training.

Manage relationships across the company: legal, engineering, communications, etc.

MINIMUM QUALIFICATIONS

* BS in Computer Science or equivalent experience.



Experience scoping, investigating, and remediating security incidents.

Experience hunting, i.e. using threat intelligence and experience of attacker techniques, to investigate these potential risks and find suspicious behavior in our network.

Communication experience and experience leading teams of people in situations through influence and not authority.

Coding/scripting experience in one or more languages.

Knowledge across the Security domain, as well as in one (or more) areas such as:

* Host and Memory forensics (including live response) for Windows, OSX, and/or Linux.



Network forensics.

Incident Management.

Detection and/or response tool development.

PREFERRED QUALIFICATIONS

* Relevant experience with computer security incident investigations and management.



Facebook is committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or an accommodation due to a disability, you may contact us at accommodations-ext@fb.com.