Security Engineer, Signals and Response

Facebook
London, Greater London

Job Description

**Intro:** Facebook's mission is to give people the power to build community and bring the world closer together. Through our family of apps and services, we're building a different kind of company that connects billions of people around the world, gives them ways to share what matters most to them, and helps bring people closer together. Whether we're creating new products or helping a small business expand its reach, people at Facebook are builders at heart. Our global teams are constantly iterating, solving problems, and working together to empower people around the world to build community and connect in meaningful ways. Together, we can help people build stronger communities - we're just getting started.

**Summary:** Facebook Security is looking for a Signal and Response Engineer with a variety of experiences in the discovery, containment, and mitigation of internal and external threats. We are building the next generation of security operations and response platforms to support the scale and security of Facebook. You will be analysing different sources of information leveraged for detection, responding to and investigating incidents, and working with our software and production engineering teams to develop scalable systems to automate detection and remediation.

At Facebook, supporting our employees is a core part of how we do business. From our generous benefits to our robust diversity programs, we're focused on empowering all our employees to live life to the fullest and bring their best selves to work, each and every day. We're proud of our supportive and inclusive culture, and our International Headquarters benefits from over 100 different nationalities. We are dedicated to making Facebook welcoming to everyone who comes to work with us and we actively seek to recruit people with different backgrounds and experiences to help us build better products, make better decisions and better serve our clients.

**Required Skills:**

1. Lead security incident response in a cross-functional collaboration environment driving towards incident resolution
2. Develop IR initiatives that improve our capabilities to respond and remediate security events faster
3. Perform forensic analysis of digital information and gather and handle evidence
4. Perform analysis of logs from a variety of sources (e.g., individual host logs, network traffic logs) to identify potential threats
5. Build automation for response and remediation of malicious activity
6. Drive implementation of countermeasures, mitigations, and containment
7. Experience with attacker tactics, techniques and procedures

**Minimum Qualifications:**

8. Bachelor's degree or equivalent experience in Security
9. Experience analyzing network and host-based security events
10. Knowledge of networking technologies, specifically TCP/IP and the related protocols
11. Knowledge of operating systems, file systems, and memory on Windows, MacOS, or Linux
12. Coding/scripting experience in one or more general purpose languages
13. Experience with attacker tactics, techniques and procedures

**Preferred Qualifications:**

14. Background in malware analysis, intrusion detection, and/or threat intelligence
15. Experience hunting, i.e. using threat intel to proactively and iteratively investigate potential risks and find suspicious behavior in the network
16. Experience in host and memory forensics (including live response) for Windows, OSX, and/or Linux
17. Broad knowledge across the Security domain, as well as deep focus in one (or more) areas such as Logs and events processing, Incident Management and Detection and/or response tool development

**Industry:** Internet