Help us maintain the quality of jobs posted on PowerToFly. Let us know if this job is closed.
Job Details
As part of Meta Security, our Insider Trust team is focused on identifying and responding to insider threats to data. The team's mission is to identify malicious use of otherwise legitimate access to data from people inside the company and respond to it before damage is done. We investigate across a broad spectrum of abuse including abuse of user data, intellectual property, and leaks of sensitive information. We collaborate with software engineering teams to build advanced detection capabilities and understand how abuse happens so that we can stay ahead of those who are interested in misusing their access. The Insider Trust team is looking for a highly motivated Security Engineer to build and improve internal tools and systems to detect malicious activities related to insider threats. Candidates are expected to analyze and monitor internal tools, hunt for insider threats against company data and infrastructure, and and have the ability to carry out complex internal investigations from collection to reporting. As part of the role, this person will work side by side with our engineering teams to build advanced detection solutions to help keep systems and information safe, and partner closely with our Human Resources and Legal teams to carry out complex investigations. We are looking for people that have a strong technical background, experience with computer forensics, data analytics, system and network administration, and the ability to build tools and/or automate tasks. Security Engineer, Insider Trust Responsibilities:
- Lead cross-functional projects to improve our capabilities to effectively detect and respond to internal threats and security incidents
- Leverage threat modeling and analysis to build event and/or behavioral based detections to protect our critical assets and infrastructure
- Perform analysis of logs from a variety of sources (e.g., individual host logs, network traffic logs) to identify potential insider threats
- Build operational workflows and actions that auto-resolve false positives and provide context scaling our ability to investigate
- Identify gaps in our infrastructure, and work with software engineers, product managers, and business partners to gain visibility through logging and detection
- Perform live response, digital forensics, and analysis of a wide variety of assets including endpoints, mobile, servers and networking equipment
- Conduct insider trust investigations in a cross-functional environment and drive incident resolution
- 3+ years experience in an incident response and/or detection engineering role
- 3+ years programming experience with at least one of the following languages: Python, Python, PHP, and/or C++.
- 2+ years experience writing detection rules using anomaly based methods
- Master's degree in Computer Science/Engineering
- Networking and system administration experience of server (Linux, Windows) and client (Windows, macOS, Linux) operating systems
- Familiarity with multiple forensic tools (e.g. SIFT Workstation, Sleuthkit, F-Response Enterprise, EnCase, FTK, Cellebrite, X-Ways, Volatility, or open source tools) to perform analysis and/or memory collection
About the Company
Meta
Menlo Park, CA, United States
The Facebook company is now Meta. Meta builds technologies that help people connect, find communities, and grow businesses. When Facebook launched... Read more