Overview

Facebook’s mission is to give people the power to build community and bring the world closer together. Through our family of apps and services, we’re building a different kind of company that connects billions of people around the world, gives them ways to share what matters most to them, and helps bring people closer together. Whether we’re creating new products or helping a small business expand its reach, people at Facebook are builders at heart. Our global teams are constantly iterating, solving problems, and working together to empower people around the world to build community and connect in meaningful ways. Together, we can help people build stronger communities — we’re just getting started.
At Facebook, we have established a new team exploring different ways to leverage blockchain technology to improve the lives of people around the world. It’s a small, fast-growing, and talented group of people, and our experienced leadership team is comprised of some of the best professionals in their respective fields. The blockchain team is a startup within Facebook and we’re exploring lots of areas of interest across all facets of blockchain technology. Our ultimate goal is to help billions of people with access to things they don’t have now – that could be things like healthcare, equitable financial services, or new ways to save or share information.
Our team is looking for a Threat Detection and Response Engineer with experience in the discovery, containment, and mitigation of threats to networks and hosts. You will be responding to threats, building advanced and novel detection mechanisms, performing hunts for sophisticated and unknown malware, and developing systems to automate remediation. We are looking for people that enjoy hunting for malicious activity and intrusions and then developing new signatures or methodologies to detect their activity.
RESPONSIBILITIES
  • Hunt for badness in our infrastructure: proactively identify malicious activity that we are not currently able to detect
  • Analyze logs, packets, and alerts for signs of malicious activity
  • Create signatures and tools to analyze and detect malicious activity
  • Build automation for response and remediation of malicious activity
  • Support incident response by investigating security intrusions
  • Drive implementation of countermeasures, mitigations, and containment
MINIMUM QUALIFICATIONS
  • Bachelor's degree or equivalent experience in Security
  • Knowledge of networking technologies, specifically TCP/IP and the related protocols
  • Knowledge of operating systems, file systems, and memory on Windows, MacOS, or Linux
  • Coding/scripting experience in one or more general purpose languages
  • Experience with attacker tactics, techniques, and procedures
PREFERRED QUALIFICATIONS
  • Background in malware analysis, intrusion detection, and/or threat intelligence
  • Experience with rule-driven and analysis-driven network platforms like Bro and Suricata
  • Experience hunting, i.e. using threat intel to proactively and iteratively investigate potential risks and find suspicious behavior in the network
  • Experience in host and memory forensics (including live response) for Windows, OSX, and/or Linux
  • Knowledge across the Security domain, as well as deep focus in one (or more) areas such as:
      • Host and memory forensics
      • Network forensics
      • Incident Management
      • Detection and/or response tool development

To apply for this job please visit www.facebook.com.

