.Meta Security is looking for an Incident Response Engineer with experience in the identification, containment, and mitigation of security incidents.
You will be analyzing different data sources to detect, investigate, and respond to internal and external threats.
You will also be working with our software and production engineering teams to develop scalable systems to automate detection and remediation and help us build the next generation of security operations and response platforms.
At Meta, supporting our employees is a core part of how we do business.
From our generous benefits to our robust diversity programs, we're focused on empowering all our employees to live life to the fullest and bring their best selves to work each and every day.
We're proud of our supportive and inclusive culture and our International Headquarters benefits from over 100 different nationalities.
We are dedicated to making Meta welcoming to everyone who comes to work with us and we actively seek to recruit people with different backgrounds and experiences to help us build better products, make better decisions, and better serve our clients.
Security Engineer, Investigations & Response Responsibilities Lead security incident response in a cross-functional environment and drive incident resolution.
Develop IR initiatives that improve our capabilities to effectively respond to and remediate security incidents.
Perform digital forensic acquisition and analysis of a wide variety of assets including endpoints, mobile, servers, and networking equipment.
Perform analysis of logs from a variety of sources (e.G., individual host logs, network traffic logs) to identify potential threats.
Perform root cause analysis and drive implementation of containment and mitigation strategies.
Build automation for response and remediation of malicious activity.
Minimum Qualifications Extensive experience in Security Incident Response and Detection & Response Engineering.
Bachelor's degree or equivalent experience in Security.
Experience responding to both external and insider threats.
Experience analyzing network and host-based security events.
Knowledge of networking technologies, specifically TCP/IP and the related protocols.
Knowledge of operating systems, file systems, and memory structures on Windows, MacOS, and Linux.
Coding/scripting experience in one or more general-purpose languages.
Experience with attacker tactics, techniques, and procedures.
Preferred Qualifications Background in malware analysis, digital forensics, intrusion detection, and/or threat intelligence.
Experience in threat hunting including the ability to leverage intelligence data to proactively identify and iteratively investigate suspicious behavior across networks and systems.
Experience in host and memory forensics (including live response) for Windows, macOS, and Linux