About
Facebook
Job Description
At Facebook, we have established a new team exploring different ways to leverage blockchain technology to improve the lives of people around the world. It's a small, fast-growing, and talented group of people and our experienced leadership team comprised of some of the best professionals in their respective fields. The blockchain team is a startup within Facebook and we're exploring lots of areas of interest across all facets of blockchain technology. Our ultimate goal is to help billions of people with access to things they don't have now - that could be things like healthcare, equitable financial services, or new ways to save or share information.
Our team is looking for a Threat Detection and Response Engineer with experience in the discovery, containment, and mitigation of threats to networks and hosts. You will be responding to threats, building advanced and novel detection mechanisms, performing hunts for sophisticated and unknown malware, and developing systems to automate remediation. We are looking for people that enjoy hunting for malicious activity and intrusions and then developing new signatures or methodologies to detect their activity.
RESPONSIBILITIES
* Hunt for badness in our infrastructure: proactively identify malicious activity that we are not currently able to detect
Analyze logs, packets, and alerts for signs of malicious activity
Create signatures and tools to analyze and detect malicious activity
Build automation for response and remediation of malicious activity
Support incident response by investigating security intrusions
Drive implementation of countermeasures, mitigations, and containment
MINIMUM QUALIFICATIONS
* Bachelors degree or equivalent experience in Security
Knowledge of networking technologies, specifically TCP/IP and the related protocols
Knowledge of operating systems, file systems, and memory on Windows, MacOS, or Linux
Coding/scripting experience in one or more general purpose languages
Experience with attacker tactics, techniques, and procedures
PREFERRED QUALIFICATIONS
* Background in malware analysis, intrusion detection, and/or threat intelligence
Experience with rule-driven and analysis-driven network platforms like Bro and Suricata
Experience hunting, i.e. using threat intel to proactively and iteratively investigates these potential risks and finding suspicious behavior in the network
Experience in host and memory forensics (including live response) for Windows, OSX, and/or Linux
Knowledge across the Security domain, as well as deep focus in one (or more) areas such as:
* Host and memory forensics
Network forensics
Incident Management
Detection and/or response tool development
Facebook is committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or an accommodation due to a disability, you may contact us at accommodations-ext@fb.com.
About Facebook
Facebook is a company providing an online social networking service.