Offensive Security Engineer (University Grad)
Onsite
Washington, DC, United States
Washington, DC, United States
Job Details
Meta’s Offensive Security Group is looking for an Offensive Security Engineer that can execute tactical, offensive assessments across our environments. Our objective is to preempt the adversary in attacking Meta, and make the company, its employees, and its users safer and more secure.This individual should have knowledge across the attack lifecycle and a demonstrated capacity to understand, design and execute security assessments against various technologies and stacks. Candidates are expected to support delivering technology-oriented assessments that positively benefit the overall security posture of the organization. This role requires a desire to help drive fixes after testing cycles, both as short term mitigations and long term improvements. Offensive Security Engineer (University Grad) Responsibilities:
- Offensive Security Assessments: Perform security assessments ranging from Red Team operations, threat-based evaluations, and vulnerability research and exploitation against both the unique systems and technologies used at Meta, as well as approved 3rd party software and vendors.
- Security Guidance: Provide threat-based guidance and education to the overall security organization through offensive security, with audiences including software engineers, business and technical leaders.
- Adversary TTPs: Research, develop, and execute adversary TTPs across the range of the attack lifecycle.
- Currently has, or is in the process of obtaining a Bachelor's or Master's degree in Computer Science, Computer Engineering, relevant technical field, or equivalent practical experience. Degree must be completed prior to joining Meta.
- Proven understanding of the attack lifecycle, and offensive security concepts in at least one of Red Team operations, Purple Team engagements, Vulnerability Research, and/or Exploitation.
- Experience with exploiting common security vulnerabilities and bypassing security controls
- Knowledge of server (Linux, Windows) and client (Windows, macOS, Linux) operating systems.
- Experience in at least PHP/Hack, Python, C/C++, Go, or Java.
- Must obtain work authorization in country of employment at the time of hire, and maintain ongoing work authorization during employment
- Contributions to the security community (public research, blogging, presentations, bug bounty, tooling, etc.)
- Track record of participation in capture the flag (CTF) competitions.
- OSCP certification, or equivalent.
Learn more about Meta
Help us maintain the quality of jobs posted on PowerToFly. Let us know if this job is closed.
Mission
We're connecting diverse talent to big career moves. Meeting people who boost your career is hard - yet networking is key to growth and economic empowerment. We’re here to support you - within your current workplace or somewhere new. Upskill, join daily virtual events, apply to roles (it’s free!).
Are you hiring? Join our platform for diversifiying your team