Facebook Security is looking for a Threat Detection and Response Engineer with a variety of experiences in the discovery, containment, and mitigation of threats to networks and hosts. You will be responding to threats, building advanced and novel detection mechanisms, performing enterprise-wide hunts for sophisticated and previously unknown malware, and developing systems to automate remediation. We are looking for people that love hunting for malware and intrusions and then developing new signatures or methodologies to track their activity.
* Hunt for badness in our infrastructure: proactively identify malicious activity that we are not currently able to detect
Analyze logs, packets, and alerts for signs of malicious activity
Create signatures and tools to analyze and detect malicious activity
Build automation for response and remediation of malicious activity
Support incident response by investigating security intrusions
Drive implementation of countermeasures, mitigations, and containment
* Bachelors degree or equivalent experience in Security
Knowledge of networking technologies, specifically TCP/IP and the related protocols
Knowledge of operating systems, file systems, and memory on Windows, MacOS, or Linux
Coding/scripting experience in one or more general purpose languages
Experience with attacker tactics, techniques and procedures
* Background in malware analysis, intrusion detection, and/or threat intelligence
Experience with rule-driven and analysis-driven network platforms like Bro and Suricata
Experience hunting, i.e. using threat intel to proactively and iteratively investigates these potential risks and finding suspicious behavior in the network
Experience in host and memory forensics (including live response) for Windows, OSX, and/or Linux
Broad knowledge across the Security domain, as well as deep focus in one (or more) areas such as:
* Host and memory forensics
Detection and/or response tool development
Facebook is committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or an accommodation due to a disability, you may contact us at email@example.com.
Facebook is a company providing an online social networking service.