Senior Security Engineer jobs at Microsoft

The Cloud & AI organization accelerates Microsoft's mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers' heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. Microsoft is one of the largest enterprise service companies in the world. Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsoft's mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers' heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. - Do you have a passion for helping Microsoft's clients defend themselves against targeted exploitation? - Are you interested in being intimately involved in the latest, cutting-edge developments in the security industry and having a direct impact on the security of all Microsoft customers? - Do you want to be on the front lines of helping our customers go toe-to-toe against advanced adversaries? - Are you interested in a fast-paced job full of new opportunities? If so, you may be a fit for a Security Researcher role for the Global Hunting, Oversight, and Strategic Triage (GHOST) team! We are looking for a **Security Researcher** with engineering experience and analytical background to join our team. The role combines development of tools, engineering scalable systems, and using those systems to assist with investigations. By applying engineering skills as an active member on investigations, you will incubate investigation best practices from experiments to scalable solutions that can be applied to proprietary solutions, Microsoft tooling and products. Researchers will support a global team to identify and catalog new attacker TTPs, victims, to protect worldwide enterprise customers and empower customers to protect themselves via constantly improving Microsoft products. _Microsoft's mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. In alignment with our Microsoft values, we are committed to cultivating an inclusive work environment for all employees to positively impact our culture every day._ **Responsibilities** This role is part of a collaborative team, assisting our customers with: - Identifying potential threats, allowing for proactive defense before an actual incident. - Building proof-of-concept, prototype, and production-ready threat hunting tools, automations, and new capabilities. - Driving product and tooling improvements by conveying learnings from threat hunting and incident response at scale to engineering partner teams - Monitor, maintain, and iterate on proprietary solutions that enable our team to threat hunt. - Implement security controls of relevant mitigations to defend against current and future threat landscape. - Contribute across teams in producing extensible, testable, and maintainable code. **Qualifications** Minimum Qualifications: + Master's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 1+ year(s) experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection. + OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 2+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection. + OR equivalent experience. Other Requirements: Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings: Microsoft Cloud Background Check: + This position will be required to pass the Microsoft background and Microsoft Cloud background check upon hire/transfer and every two years thereafter. + This position requires verification of U.S citizenship due to citizenship-based legal restrictions. Specifically, this position supports United States federal, state, and/or local United States government agency customers and is subject to certain citizenship-based restrictions where required or permitted by applicable law. To meet this legal requirement, citizenship will be verified via a valid passport. Preferred Qualifications: + Doctorate in Statistics, Mathematics, Computer Science, Computer Security, or related field OR Master's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection. + OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 5+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection. + OR equivalent experience. + Proven knowledge of security fundamentals across Microsoft platforms (Client, Server, Cloud). + Familiarity and understanding of SQL or Kusto Query Language (KQL) queries (or experience with large database/SIEM query languages such as Splunk/Humio/Kibana, etc.) + Familiarity and understanding of Jupyter Notebooks, or building equivalent threat hunting automations with scripting languages. + Experience with sophisticated threat actor evidence including familiarity with typical Indicators of Compromise (IOCs), Indicators of Activity (IOAs) and Tools, Techniques and Procedures (TTPs). + Microsoft Azure platform knowledge and experience. + Familiar with various forensic log artifacts. + Familiarity with Microsoft security products stack. + Familiar with Windows, Linux, and/or mac OS forensic analysis. + Technical/Investigation/Cybersecurity/Digital Forensics/DFIR certifications (e.g. CISSP, CSSLP, SANS GIAC, Azure etc.) + Professional experience with coding in at least one language: C#, Golang, or Python. **\#GHOST #MSFTSecurity** Security Research IC3 - The typical base pay range for this role across the U.S. is USD $100,600 - $199,000 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $131,400 - $215,400 per year. Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here: **************************************************** This position will be open for a minimum of 5 days, with applications accepted on an ongoing basis until the position is filled. Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance with religious accommodations and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations. (**************************************************************

Our Company Changing the world through digital experiences is what Adobe's all about. We give everyone-from emerging artists to global brands-everything they need to design and deliver exceptional digital experiences! We're passionate about empowering people to create beautiful and powerful images, videos, and apps, and transform how companies interact with customers across every screen. We're on a mission to hire the very best and are committed to creating exceptional employee experiences where everyone is respected and has access to equal opportunity. We realize that new ideas can come from everywhere in the organization, and we know the next big idea could be yours! Position summary: The Senior Security Engineer position will be part of the Enterprise Security organization consisting of IAM professionals across several technologies. This specific position will have a specialized role in directory services and SaaS applications! It will focus on large implementations of Entra ID with integrations with other directories, IDPs, applications, and automated workflows. We give technical direction, administer tools, and provide support for various security technologies. We participate in driving Enterprise Security projects that use our cloud directory services for various internal and external Adobe services. We work with other specialists, architects, security teams, and software engineer teams across Adobe and collectively provide services, guidance, and strategies that protect services and data as well as adhere to various global government regulations. You will work with business customers, management teams, infrastructure teams, development teams, project managers, and other security teams to help implement the vision, structure, standards, and plan solutions that support the future architecture. At Adobe, you will be immersed in an exceptional work environment that is recognized throughout the world on Best Companies lists! You will also be surrounded by colleagues who are committed to helping each other grow through our Check-In approach where ongoing feedback flows freely. If you're looking to make an impact, Adobe is the place for you. Discover what our employees are saying about their career experiences on the Adobe Life blog and explore the meaningful benefits we offer. Adobe is an equal opportunity employer. We welcome and encourage diversity in the workplace regardless of race, gender, religion, age, sexual orientation, gender identity, disability or veteran status. Primary Responsibilities May Include, but Are Not Limited To: * Managing deep and complex directory architectures and services span directories, IDPs, and federated environments. * Providing guidance and architecting solutions for directory service strategies across a variety of internal customers at Adobe. * We help test, implement, and support secure services used by end-users, devices, and application workflows to all of Adobe. * We engineer secure identity solutions for on-premises and cloud environments. * We are a team of Security Engineers that handle incoming requests, respond to issues, solve reported problems, and develop solutions. * We meet with teams to get business requirements, understand workflows, and devise solutions. * We help assess SaaS implementations for identity integrations and general security. * We generate useful metrics to help make decisions, identify issues, and manage our sevices. Requirements: * Possess a Bachelor's or advanced degree in MIS, Computer Science, Cybersecurity, or Engineering OR 10+ years in IT or Cybersecurity * Comfortable working on and leading different projects with many teams at one time * In-depth understanding of Windows, Mac and UNIX/Linux based systems, permissions, and interoperability. * Strong knowledge of machine to machine and application to machine connections using MFA, certificates, tokens, and other methods. * Strong understanding of the identity lifecycle, secure by design, least privileged and zero trust. * An in-depth knowledge and understanding of managing and securing cloud directories (e.g. Entra ID/AWS/Okta) and integrating with traditional directories (e.g. Active Directory/389DS/ LDAP based directories). * Proficient in written and verbal communications, skilled at working alongside differing viewpoints to accomplish shared objectives. * Able to work independently and as a team member. * Capable of conveying technical concepts to diverse audiences including non-technical users, architects, and senior leadership. * Professional written, verbal, and presentation communication skills to engage with senior leadership. * A deep understanding of Cloud Directories, especially Entra ID, and how to secure it, use conditional access policies, and apply/create automation. * Ability to teach and mentor others while fostering a collaborative environment. * Can model leadership behavior and help to grow other's leadership behavior. Preferred: * Understanding of Desktop operating systems including Windows, Linux, and Mac * Experience or knowledge of Public Key Infrastructure * Strong abilities in programming/scripting languages for automating repeatable tasks like Python, PowerShell, etc. * Experience and/or Knowledge of dashboarding and log correlation engines such as Grafana, Telegraph, Splunk, etc. * Experience with SaaS Security Posture Management technologies. * Experience with developing PowerBI dashboards. The Person Should: * Have strong social skills, ability to "win people over" and be a great teammate. * Be able to communicate, influence and mentor across business and executive leadership as well as partners while being able to explain the benefits for their teams. * Be neutral toward technology, vendor and product choices; more interested in results than in personal preferences. * Have the ability to think creatively and to solve complex tasks and problems with minimal direction. Our compensation reflects the cost of labor across several U.S. geographic markets, and we pay differently based on those defined markets. The U.S. pay range for this position is $168,200 -- $310,100 annually. Pay within this range varies by work location and may also depend on job-related knowledge, skills, and experience. Your recruiter can share more about the specific salary range for the job location during the hiring process. In California, the pay range for this position is $214,100 - $310,100 In Washington, the pay range for this position is $194,000 - $281,000 At Adobe, for sales roles starting salaries are expressed as total target compensation (TTC = base + commission), and short-term incentives are in the form of sales commission plans. Non-sales roles starting salaries are expressed as base salary and short-term incentives are in the form of the Annual Incentive Plan (AIP). In addition, certain roles may be eligible for long-term incentives in the form of a new hire equity award. State-Specific Notices: California: Fair Chance Ordinances Adobe will consider qualified applicants with arrest or conviction records for employment in accordance with state and local laws and "fair chance" ordinances. Colorado: Application Window Notice If this role is open to hiring in Colorado (as listed on the job posting), the application window will remain open until at least the date and time stated above in Pacific Time, in compliance with Colorado pay transparency regulations. If this role does not have Colorado listed as a hiring location, no specific application window applies, and the posting may close at any time based on hiring needs. Massachusetts: Massachusetts Legal Notice It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability. Adobe is proud to be an Equal Employment Opportunity employer. We do not discriminate based on gender, race or color, ethnicity or national origin, age, disability, religion, sexual orientation, gender identity or expression, veteran status, or any other applicable characteristics protected by law. Learn more. Adobe aims to make Adobe.com accessible to any and all users. If you have a disability or special need that requires accommodation to navigate our website or complete the application process, email accommodations@adobe.com or call **************.

NVIDIA is looking for security researchers passionate about offensive research across different platforms. Do you have experience with identifying hardware and software vulnerabilities, developing PoC, and tools for automation in vulnerability research? Are you creative and devious in your offensive approach? We want to hear from you! You should demonstrate ability to excel in an environment with innovative and fast paced development on the worlds most powerful integrated software and hardware computing platform. What you'll be doing: * Core job duties will identify vulnerabilities in our embedded firmware and critical system software, building proof of concepts, and collaborating with development teams to remediate them. * Candidates will invest in improving current tools and offensive practices for bug discovery and evaluation while supporting remediation efforts. We expect team members to exercise modern tools for modeling new attack vectors on unreleased and emerging technology platforms. * The most impactful candidates can simulate real attacker behaviors, break systems by exploiting design assumption and effectively communicate their findings for action. Focus will be to increase resilience of the end products against all forms of attack through close collaboration with extended SW and HW offensive security teams. * Products targets span HPC data centers, consumer electronics, autonomous platforms, AI/cloud solutions, and a variety of embedded/IOT platforms providing a rich and complex target space to exercise your skills. What we need to see: * We'd like to see proven experience and offensive security research (CVE's, publications, patents, tools, bounties) with demonstrated responsible disclosure practices. * Strong skills in reverse engineering and automation (IDA, Ghidra), fuzzing (AFL, WinAFL, Syzcaller) and exploitation (ROP, memory corruption) are important to success; as well as understanding of modern embedded cryptography and common security issues. * Experience with ARM/X86/RISCV assembly (include shellcode development) and low-level C programming paired with understanding and experience with micro-architectural attacks (side channels, fault injection, etc) is critical. * Demonstrated skill for secure code reviews of complex source projects, and exposure to code quality practices (SDL, threat modeling) that support development goals. * Candidates should be comfortable working collaboratively and remotely with others to accomplish complex team goals, enabling delivery of outstanding security for our products. * BS/BA degree or equivalent experience * 12+ years in a security related field Ways to stand out from the crowd: * Navigating complex platform concerns and ability to analyze composed systems to identify high risk components and established testing targets and objectives. * Practical skills using Hex-Rays IDA Pro and plugin/loaders development (or similar experience with Ghidra) is valuable * Leveraging innovative strategies and AI advancements to accelerate discovery and resolution of security risks. * Experience with enclave models such as NVIDIA CC, ARM TEE, Intel SGX/TDX, AMD SEV-SNP and other isolation technologies. * Development and integration of AI tooling and skills to accelerate and improve activities and or experience with offensive actions targeting AI models (LLM or other) components within those platforms. NVIDIA has continuously reinvented itself over two decades. Our invention of the GPU in 1999 fueled the growth of the PC gaming market, redefined modern computer graphics, and revolutionized parallel computing. More recently, GPU deep learning ignited modern AI - the next era of computing. NVIDIA is a "learning machine" that constantly evolves by adapting to new opportunities that are hard to solve, that only we can pursue, and that matter to the world. This is our life's work, to amplify creativity and intelligence. Make the choice to join us today! Your base salary will be determined based on your location, experience, and the pay of employees in similar positions. The base salary range is 224,000 USD - 356,500 USD for Level 5, and 272,000 USD - 425,500 USD for Level 6. You will also be eligible for equity and benefits. Applications for this job will be accepted at least until October 5, 2025. NVIDIA is committed to fostering a diverse work environment and proud to be an equal opportunity employer. As we highly value diversity in our current and future employees, we do not discriminate (including in our hiring and promotion practices) on the basis of race, religion, color, national origin, gender, gender expression, sexual orientation, age, marital status, veteran status, disability status or any other characteristic protected by law.

Cross-Meta Security's mission is to protect the company, our community, and their data while empowering safe innovation. To achieve this, we are building a small team of Senior Individual Contributors (ICs) who can solve security-related technical problems across the company in collaboration with various Meta product groups and pillars. **Required Skills:** Security Engineer Responsibilities: 1. Lead cross-organizational technical teams to solve challenging cross-domain security problems. 2. Bring together engineering teams that work in adjacent areas to build shared context and tackle bigger problems than they can solve individually. 3. Operate with ownership and accountability for one or more security risks at Meta and drive and influence people to do the right things to comprehensively address those risks while enabling the company to move fast. 4. Disambiguate and decompose problems and solutions and create clarity for others. 5. Provide technical guidance and collaborate with cross-functional partners to define projects goals and milestones. 6. Bolster engineering excellence in everything you do. **Minimum Qualifications:** Minimum Qualifications: 7. B.S. Computer Science or related field 8. 15+ years of experience managing security risk and navigating the tradeoff between security and friction in a large organization 9. 15+ years of experience in driving large cross-company engineering and Security initiatives 10. Experience with system design, threat modeling and risk assessment 11. Experience building engineered controls and guardrails to manage risks 12. Application of security principles such as least privilege, defense in depth, segmentation 13. Knowledge of current threat tactics, techniques, and procedures 14. Experience in distributed systems, access control, encryption, intrusion detection 15. Effective communication that creates clarity and simplicity for others **Public Compensation:** $264,000/year to $342,000/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

Meta's Product Security team is seeking a experienced hacker who derives purpose in life by revealing potential weaknesses and then crafting creative solutions to eliminate those weaknesses. Your skills will be the foundation of security initiatives that protect the security and privacy of over two billion people. You will be relied upon to provide engineering and product teams with the web, mobile, or native code security expertise necessary to make informed product decisions. Come help us make life hard for the bad guys. **Required Skills:** Product Security Engineer, AI Responsibilities: 1. Security Reviews: perform manual design and implementation reviews of products and services that make up the Meta ecosystem, like Instagram, WhatsApp, Oculus, Portal, and more 2. Developer Guidance: provide guidance and education to developers that help prevent the authoring of vulnerabilities 3. Automated Analysis and Secure Frameworks: build automation (static and dynamic analysis) and frameworks with software engineers that enable Meta to scale consistently across all of our products **Minimum Qualifications:** Minimum Qualifications: 4. BS or MS in Computer Science or a related field, or equivalent experience 5. 8+ years of experience finding vulnerabilities in interpreted languages. Knowledge of best practice secure code development 6. Experience with exploiting common security vulnerabilities 7. Knowledge of common exploit mitigations and how they work 8. Coding and scripting experience in one or more general purpose languages **Preferred Qualifications:** Preferred Qualifications: 9. Experience creating software that enables security processes, especially those leveraging AI/ML for automation or augmentation 10. Experience integrating or building AI-powered tools to assist with vulnerability detection, code review, or threat modeling 11. Experience creating software that enables security processes 12. 8+ years of experience finding vulnerabilities in C/C++ code 13. Contributions to the security community (public research, blogging, presentations, bug bounty) 14. Demonstrated ability to collaborate with AI researchers or engineers to apply AI in security workflows **Public Compensation:** $177,000/year to $251,000/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

Meta Security is looking for a threat intelligence investigator with extensive experience in investigating cyber threats with an intelligence-driven approach. You will be proactively responding to a broad set of security threats, as well as tracking actor groups with an interest or capability to target Meta and its employees. You will also be identifying the gaps in current detections and preventions by long-term intelligence tracking and research, and working with cross-functional stakeholders to improve Meta's security posture. You will help the team establish, lead and execute multi-year roadmaps that improve research efficiency and quality across the team, and drive improvements to stakeholder management across a broad range of intelligence requirements. **Required Skills:** Detection & Response Security Engineer, Threat Intelligence Responsibilities: 1. Influence and align the team's vision and strategy. Collaboratively prioritize and deliver specific multi-year roadmaps and projects 2. Build, cultivate, and maintain impactful relationships with intelligence stakeholders to identify and facilitate solutions to increase the impact of the team's work 3. Refine operational metrics, key performance indicators, and service level objectives to measure Intelligence research and services 4. Lead cross-functional projects to improve the security posture of Meta's infrastructure, such as red team operations, surface detection coverage expansion and vulnerability management discussions 5. Track threat clusters posing threats to Meta's infrastructure and employees, and identify, develop and implement countermeasures on our corporate network 6. Investigate, mitigate, and forecast emerging technical trends and communicate effectively with actionable suggestions to different types of audiences 7. Work closely with incident responders to provide useful and timely intelligence to enrich ongoing investigations 8. Improve the tooling of threat cluster tracking and intelligence data integration to existing systems **Minimum Qualifications:** Minimum Qualifications: 9. 8+ years threat intelligence experience 10. B.S. or M.S. in Computer Science or related field, or equivalent experience 11. Be a technical and process subject matter expert regarding Security Operations and Threat Intelligence services 12. Experience developing and delivering information on threats, incidents and program status for leadership 13. Expertise with campaign tracking techniques and converting tracking results to long term countermeasures 14. Expertise with threat modeling frameworks, such as Diamond Model or/and MITRE ATT&CK framework 15. Experience intelligence-driven hunting to spot suspicious activities in the network and identify potential risks 16. Proven track record of managing and executing on short term and long term projects 17. Ability to work with a team spanning multiple locations/time zones 18. Ability to prioritize and execute tasks with minimal direction or oversight 19. Ability to think critically and qualify assessments with solid communications skills 20. Coding or scripting experience in one or more scripting languages such as Python or PHP **Preferred Qualifications:** Preferred Qualifications: 21. Experience recruiting, building, and leading technical teams, including performance management 22. Experience close collaborating with incident responders on incident investigations 23. Experience in threat hunting including leveraging intelligence data to proactively identify and iteratively investigates suspicious behavior across networks and systems 24. Familiarity with malware analysis or network traffic analysis 25. Familiarity with nation-state, sophisticated criminal, or supply chain threats 26. Familiarity with file-based or network-based rules and signatures for detection and tracking of complex threats, such as YARA or Snort 27. Experience in one or more query languages such as SQL 28. Experience authoring production code for threat intelligence tooling 29. Experience conducting large scale data analysis 30. Experience working across the broader security community **Public Compensation:** $177,000/year to $251,000/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

We are seeking a Security Engineer who specializes in designing and implementing new systems and tools to enhance the security of Meta's products and infrastructure. This role is ideal for individuals with deep security domain expertise who are passionate about building solutions and using AI to address evolving security requirements and use cases. **Required Skills:** Cloud Security Engineer Responsibilities: 1. Design, prototype, and implement AI-driven security systems and tools to protect Meta's products and internal infrastructure 2. Develop and maintain security-focused code, libraries, and frameworks for use by Security Engineers, Analysts, and engineering teams 3. Collaborate with cross-functional partners to deliver scalable, security solutions aligned with company objectives 4. Rapidly experiment with and iterate on specialized security technologies, leveraging AI to address emerging threats and requirements 5. Apply deep security expertise to solve complex challenges, mitigate risks, and mentor other engineers in advanced security domains **Minimum Qualifications:** Minimum Qualifications: 6. B.S. or M.S. in Computer Science or related field, or equivalent experience 7. 5+ years of experience in designing and implementing security systems, tools, or frameworks 8. Extensive knowledge of attacker tactics, techniques, and procedures 9. Proficiency in coding with experience in languages such as Python, C/C++, Go, or equivalent 10. Experience collaborating with technical and non-technical stakeholders 11. Ability to rapidly prototype and iterate on security solutions **Preferred Qualifications:** Preferred Qualifications: 12. Experience on securing cloud deployments, IAC (Infrastructure as Code) deployments for cloud (terraform) 13. Experience addressing security problems by building scalable engineering solutions 14. Experience influencing software engineers building security products 15. Experience creating metrics to measure service and program effectiveness and consistency 16. Experience making contributions to the security or privacy community (public research, OSS, blogging, presentations, etc.) **Public Compensation:** $147,000/year to $208,000/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

Cross-Meta Security's mission is to protect the company, our community, and their data while empowering safe innovation. To achieve this, we are building a small team of Senior Individual Contributors (ICs) who can solve security-related technical problems across the company in collaboration with various Meta product groups and pillars. Minimum Qualifications * B.S. Computer Science or related field * 15+ years of experience managing security risk and navigating the tradeoff between security and friction in a large organization * 15+ years of experience in driving large cross-company engineering and Security initiatives * Experience with system design, threat modeling and risk assessment * Experience building engineered controls and guardrails to manage risks * Application of security principles such as least privilege, defense in depth, segmentation * Knowledge of current threat tactics, techniques, and procedures * Experience in distributed systems, access control, encryption, intrusion detection * Effective communication that creates clarity and simplicity for others Responsibilities * Lead cross-organizational technical teams to solve challenging cross-domain security problems. * Bring together engineering teams that work in adjacent areas to build shared context and tackle bigger problems than they can solve individually. * Operate with ownership and accountability for one or more security risks at Meta and drive and influence people to do the right things to comprehensively address those risks while enabling the company to move fast. * Disambiguate and decompose problems and solutions and create clarity for others. * Provide technical guidance and collaborate with cross-functional partners to define projects goals and milestones. * Bolster engineering excellence in everything you do. About Meta Meta builds technologies that help people connect, find communities, and grow businesses. When Facebook launched in 2004, it changed the way people connect. Apps like Messenger, Instagram and WhatsApp further empowered billions around the world. Now, Meta is moving beyond 2D screens toward immersive experiences like augmented and virtual reality to help build the next evolution in social technology. People who choose to build their careers by building with us at Meta help shape a future that will take us beyond what digital connection makes possible today-beyond the constraints of screens, the limits of distance, and even the rules of physics. Equal Employment Opportunity Meta is proud to be an Equal Employment Opportunity employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, genetic information, political views or activity, or other applicable legally protected characteristics. You may view our Equal Employment Opportunity notice here. Meta is committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or an accommodation due to a disability, fill out the Accommodations request form.

We are seeking a Security Engineer who specializes in designing and implementing new systems and tools to enhance the security of Meta's products and infrastructure. This role is ideal for individuals with deep security domain expertise who are passionate about building solutions and using AI to address evolving security requirements and use cases. Minimum Qualifications * B.S. or M.S. in Computer Science or related field, or equivalent experience * 5+ years of experience in designing and implementing security systems, tools, or frameworks * Extensive knowledge of attacker tactics, techniques, and procedures * Proficiency in coding with experience in languages such as Python, C/C++, Go, or equivalent * Experience collaborating with technical and non-technical stakeholders * Ability to rapidly prototype and iterate on security solutions Preferred Qualifications * Experience on securing cloud deployments, IAC (Infrastructure as Code) deployments for cloud (terraform) * Experience addressing security problems by building scalable engineering solutions * Experience influencing software engineers building security products * Experience creating metrics to measure service and program effectiveness and consistency * Experience making contributions to the security or privacy community (public research, OSS, blogging, presentations, etc.) Responsibilities * Design, prototype, and implement AI-driven security systems and tools to protect Meta's products and internal infrastructure * Develop and maintain security-focused code, libraries, and frameworks for use by Security Engineers, Analysts, and engineering teams * Collaborate with cross-functional partners to deliver scalable, security solutions aligned with company objectives * Rapidly experiment with and iterate on specialized security technologies, leveraging AI to address emerging threats and requirements * Apply deep security expertise to solve complex challenges, mitigate risks, and mentor other engineers in advanced security domains About Meta Meta builds technologies that help people connect, find communities, and grow businesses. When Facebook launched in 2004, it changed the way people connect. Apps like Messenger, Instagram and WhatsApp further empowered billions around the world. Now, Meta is moving beyond 2D screens toward immersive experiences like augmented and virtual reality to help build the next evolution in social technology. People who choose to build their careers by building with us at Meta help shape a future that will take us beyond what digital connection makes possible today-beyond the constraints of screens, the limits of distance, and even the rules of physics. Equal Employment Opportunity Meta is proud to be an Equal Employment Opportunity employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, genetic information, political views or activity, or other applicable legally protected characteristics. You may view our Equal Employment Opportunity notice here. Meta is committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or an accommodation due to a disability, fill out the Accommodations request form.

Meta Security is looking for a Security Engineer with experience in threat modeling, TTP identification, and detection engineering. You'll work alongside Software Engineers and Offensive Security Engineers to identify critical assets, assess the top risks, and evaluate potential attacks against Meta systems. You will be working across engineering teams supporting Production and Corporate systems to develop detection and response automation leveraging both industry-standard and custom detection and response platforms. You'll generate detection ideas utilizing some of the world's largest data sets and build on top of hyper-scale data pipelines. Minimum Qualifications * 2+ years of experience in Detection and Response Engineering or similar Security Engineering role * Bachelor's degree or equivalent experience in Cyber Security * Experience building complex automations and integrations using Security Orchestration, Automation and Response platforms * Experience designing systems used for responding to both external and insider threats * Experience analyzing network and host-based security events * Knowledge of networking technologies, specifically Transmission Control Protocol (TCP)/Internet Protocol (IP) and the related protocols * Knowledge of operating systems, file systems, and memory structures on Windows, MacOS and Linux * Coding/scripting experience in one or more general purpose languages * Experience with attacker tactics, techniques, and procedures Preferred Qualifications * Experience in Detection & Response Engineering or similar Security Engineering role * Experience building complex automations and integrations using Security Orchestration, Automation and Response (SOAR) platforms * Background in security-focused software engineering, designing large scale systems and data pipelines, or offensive security * Experience in threat hunting including leveraging intelligence data to proactively identify and iteratively investigates suspicious behavior across networks and systems * Broad knowledge across the Security domain, as well as thorough focus in one (or more) areas such as Logs and events processing, Incident Management, Digital Forensics, Offensive Security Testing, Detection and/or Response tooling development * Experience designing systems used for responding to both external and insider threats * Experience analyzing network and host-based security events * Knowledge of networking technologies, specifically TCP/IP and the related protocols * Knowledge of operating systems, file systems, and memory structures on Windows, MacOS and Linux Responsibilities * Lead cross-functional projects to improve our functionalities to effectively detect and respond to security incidents * Review security architecture of large-scale custom and commercial systems and under your own initiative propose logging, detection and prevention controls * Perform TTP-based Threat Modeling for a wide variety of assets including endpoints, mobile, servers, internal services, public & private cloud environments and networking equipment * Perform analysis against logs from a variety of sources (e.g., individual host logs, network traffic logs) to identify potential threats and detection ideas * Build response workflows and actions that auto-resolve false positives and provide context scaling our capacity to investigate * Support security incident response in a cross-functional environment and drive incident resolution * Design and implement attack testing automation to validate detection coverage * Build logging pipelines using our custom datasets and infrastructure About Meta Meta builds technologies that help people connect, find communities, and grow businesses. When Facebook launched in 2004, it changed the way people connect. Apps like Messenger, Instagram and WhatsApp further empowered billions around the world. Now, Meta is moving beyond 2D screens toward immersive experiences like augmented and virtual reality to help build the next evolution in social technology. People who choose to build their careers by building with us at Meta help shape a future that will take us beyond what digital connection makes possible today-beyond the constraints of screens, the limits of distance, and even the rules of physics. Equal Employment Opportunity Meta is proud to be an Equal Employment Opportunity employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, genetic information, political views or activity, or other applicable legally protected characteristics. You may view our Equal Employment Opportunity notice here. Meta is committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or an accommodation due to a disability, fill out the Accommodations request form.

The Integrity, Investigations, and Intelligence (i3E) Account Threats team is dedicated to protecting the users of Meta's family of applications (e.g. Facebook, Instagram, WhatsApp, Threads, Reality Labs) from the worst kinds of account security issues we experience. You will have the opportunity to have impact by solving the most complex problems Meta faces in account security. Your work will positively affect the billions of people who use our products. We are seeking an experienced security engineer to proactively detect and analyze root causes of scams, account security abuses, investigate complex threats to our business and our users, advance investigative methods and AI tooling, conduct quantitative and qualitative decision making, and use novel approaches to protect our users from harm. Minimum Qualifications * 5+ years work experience in a cyber security, security investigations, or cyber threat intelligence investigations role * Adept at building queries to analyze and interpret large datasets to advance investigations, quantify trends or support findings * Experience investigating and acting on high-impact threats such as account compromise, account automation tooling, account creation abuse, business compromise, scams, phishing attacks or malware analysis * Proficiency working with Python, PHP, or similar scripting languages * Experience thinking critically and qualifying assessments with solid communications skills in a cross-functional setting to influence decision makers across all levels of technical background * Experience identifying effective strategies to prevent or disrupt abuse at scale. Consult on the design of countermeasures to affect those strategies Preferred Qualifications * Experience with advanced use or building of AI tooling (LLMs, embeddings, fine-tuning, RAG, agentic workflows) to augment investigative workflows Responsibilities * Hunt for threats and undetected abuse by leveraging internal data, open source intelligence, and third-party private intelligence * Investigate complex account security abuses to understand in granular detail how abuse is occurring. Identify and implement appropriate detection or prevention strategies to mitigate harm both in the current case and from similar forward-looking abuse * Apply subject matter knowledge of adversary tactics, techniques, procedures, and tools to identify and mitigate threats * Build signatures (e.g. file, network) to detect, hunt, and prevent malware compromise * Lead technical investigations from start-to-finish, to include effectively communicating actionable results, analytic judgments, and mitigations to different audience types across cross-functional settings * Identify trends in adversary behavior, and proactive surfacing of risks that may represent previously unidentified or novel vectors for harm. Understand how abuse manifests and clearly explain emerging threats and trends, with an emphasis on security understanding * Analyze and interpret complex, high volume, and high dimensionality data from varying sources to advance investigations, quantify trends, or support findings * Lead identifying, prototyping, and teaching novel investigative techniques * Partner with other cross-functional teams to identify, influence, and implement holistic solutions to surfacing and responding to emerging threats * Manage multiple projects at once while effectively prioritizing time, based on team priorities * Use AI to advance investigations and automate the everyday tasks and actions conducted during investigations and team processes About Meta Meta builds technologies that help people connect, find communities, and grow businesses. When Facebook launched in 2004, it changed the way people connect. Apps like Messenger, Instagram and WhatsApp further empowered billions around the world. Now, Meta is moving beyond 2D screens toward immersive experiences like augmented and virtual reality to help build the next evolution in social technology. People who choose to build their careers by building with us at Meta help shape a future that will take us beyond what digital connection makes possible today-beyond the constraints of screens, the limits of distance, and even the rules of physics. Equal Employment Opportunity Meta is proud to be an Equal Employment Opportunity employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, genetic information, political views or activity, or other applicable legally protected characteristics. You may view our Equal Employment Opportunity notice here. Meta is committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or an accommodation due to a disability, fill out the Accommodations request form.

To help Meta secure its millions of technology assets, we're seeking a Security Engineer with software development skills to help us build and improve a system that measures the security risk of different assets around the world. This system, called Security Impact Rating (SIR), helps prioritize security efforts by identifying which assets pose the greatest potential risk. If building scalable security solutions to help protect the data of billions of users sounds exciting, this might be the role for you. Minimum Qualifications * B.S. or M.S. in Computer Science or related field, or equivalent experience * 2+ years of experience in designing and implementing security systems, tools, or frameworks * Demonstrated programming skills in languages commonly used for backend development (e.g., PHP, Python, SQL) * Experience designing and implementing algorithms that process complex data * Familiarity with security fundamentals such as access control, data sensitivity, data classification methodology, and risk assessment * Problem-solving skills and attention to detail * Extensive knowledge of attacker tactics, techniques, and procedures * Proficiency in coding with experience in languages such as Python, C/C++, Go, or equivalent * Experience collaborating with technical and non-technical stakeholders * Ability to rapidly prototype and iterate on security solutions Preferred Qualifications * Experience coding and debugging with AI-assisted tools * Experience with AI prompt engineering Responsibilities * Rank different types of technology assets based on their security risks * Identify and collect security signals (data points) that indicate the risk level of each asset * Design algorithms that calculate a security risk score for assets based on these signals and their relationships * Create code to implement these algorithms and integrate them into the company's security infrastructure * Validate and test the accuracy of the risk scores through manual review and automated testing * Collaborate with other engineers, security analysts, and stakeholders to review designs, share progress, and communicate results * Monitor the system after launch to ensure it continues to provide accurate and useful risk ratings, and make improvements as needed * Author clear technical documentation About Meta Meta builds technologies that help people connect, find communities, and grow businesses. When Facebook launched in 2004, it changed the way people connect. Apps like Messenger, Instagram and WhatsApp further empowered billions around the world. Now, Meta is moving beyond 2D screens toward immersive experiences like augmented and virtual reality to help build the next evolution in social technology. People who choose to build their careers by building with us at Meta help shape a future that will take us beyond what digital connection makes possible today-beyond the constraints of screens, the limits of distance, and even the rules of physics. Equal Employment Opportunity Meta is proud to be an Equal Employment Opportunity employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, genetic information, political views or activity, or other applicable legally protected characteristics. You may view our Equal Employment Opportunity notice here. Meta is committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or an accommodation due to a disability, fill out the Accommodations request form.

Meta's Offensive Security Group is seeking an experienced Offensive Security Engineer to join our team. As a key member of the team, you will be responsible for executing tactical, offensive assessments across various environments, emulating internal and external threats, and driving remediations to improve the organization's security posture. Minimum Qualifications * Bachelor's degree (or foreign degree equivalent) in Information Systems Engineering, Computer Science, Engineering, Information Security, Cyber Security, Information Assurance, or equivalent experience * 2+ years of experience in Red Teaming, Penetration Testing, and/or cyber threat hunting * Experience with coding/scripting skills in one or more general purpose languages Preferred Qualifications * Relevant certifications such as Offensive Security Certified Professional, Offensive Security Exploitation Professional, Certified Red Team Operator, or Certified Red Team Leader * Public tools, presentations, or research published on Cybersecurity Responsibilities * Conduct offensive security engagements, including Red Team operations, threat-based evaluations, and vulnerability research and exploitation against both internal and external facing systems * Design, scope, and lead complex technical assessments, Purple Team Engagements, and other security initiatives to test attack detection and prevention effectiveness * Automate portions of assessments, scoping, or other offensive security work to inform and drive our engagements * Incorporate Threat Intelligence research to track APT trends and help partners test their environments against new and emerging threats * Collaborate with cross-functional teams, including Incident Response, Product Security, and other security partners, to align remediation efforts and drive fixes after testing cycles * Develop and maintain relationships with internal customers to identify and facilitate solutions to increase the impact of the team's work * Influence and align the team's direction and strategy, and collaboratively prioritize and deliver specific multi-year roadmaps and projects About Meta Meta builds technologies that help people connect, find communities, and grow businesses. When Facebook launched in 2004, it changed the way people connect. Apps like Messenger, Instagram and WhatsApp further empowered billions around the world. Now, Meta is moving beyond 2D screens toward immersive experiences like augmented and virtual reality to help build the next evolution in social technology. People who choose to build their careers by building with us at Meta help shape a future that will take us beyond what digital connection makes possible today-beyond the constraints of screens, the limits of distance, and even the rules of physics. Equal Employment Opportunity Meta is proud to be an Equal Employment Opportunity employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, genetic information, political views or activity, or other applicable legally protected characteristics. You may view our Equal Employment Opportunity notice here. Meta is committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or an accommodation due to a disability, fill out the Accommodations request form.

Meta Security is looking for a threat intelligence investigator with extensive experience in investigating cyber threats with an intelligence-driven approach. You will be proactively responding to a broad set of security threats, as well as tracking actor groups with an interest or capability to target Meta and its employees. You will also be identifying the gaps in current detections and preventions by long-term intelligence tracking and research, and working with cross-functional stakeholders to improve Meta's security posture. Minimum Qualifications * 3+ years threat intelligence experience * Bachelor's degree or equivalent experience in Security * Familiarity with campaign tracking techniques and ability to convert the tracking results to long term countermeasures * Familiarity with threat modeling framework, such as Diamond Model or/and MITRE ATT&CK framework * Experience with intelligence-driven hunting to spot suspicious activities in the network and identify potential risks * Proven track record of managing and executing on short term and long term projects * Ability to work with a team spanning multiple locations/time zones * Ability to prioritize and execute tasks with minimal direction or oversight * Ability to think critically and qualify assessments with solid communications skills * Coding or scripting experience in one or more scripting languages such as Python or PHP Preferred Qualifications * Experience close collaborating with incident responders on incident investigations * Familiarity with malware analysis or network traffic analysis * Familiarity with nation-state, sophisticated criminal, or supply chain threats * Familiarity with file-based or network-based rules and signatures for detection and tracking of complex threats, such as YARA or Snort * Experience in one or more query languages such as SQL * Experience authoring production code for threat intelligence tooling * Experience conducting large scale data analysis * Experience working across the broader security community Responsibilities * Track threat clusters posing threats to Meta's infrastructure and employees, and identify, develop and implement countermeasures on our corporate network * Investigate, mitigate, and forecast emerging technical trends and communicate effectively with actionable suggestions to different types of audiences * Work closely with incident responders to provide useful and timely intelligence to enrich ongoing investigations * Improve the tooling of threat cluster tracking and intelligence data integration to existing systems * Engage constructively in cross-functional projects to improve the security posture of Meta's infrastructure, such as red team operations, surface detection coverage expansion and vulnerability management discussions About Meta Meta builds technologies that help people connect, find communities, and grow businesses. When Facebook launched in 2004, it changed the way people connect. Apps like Messenger, Instagram and WhatsApp further empowered billions around the world. Now, Meta is moving beyond 2D screens toward immersive experiences like augmented and virtual reality to help build the next evolution in social technology. People who choose to build their careers by building with us at Meta help shape a future that will take us beyond what digital connection makes possible today-beyond the constraints of screens, the limits of distance, and even the rules of physics. Equal Employment Opportunity Meta is proud to be an Equal Employment Opportunity employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, genetic information, political views or activity, or other applicable legally protected characteristics. You may view our Equal Employment Opportunity notice here. Meta is committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or an accommodation due to a disability, fill out the Accommodations request form.

Meta's Product Security team is seeking a experienced hacker who derives purpose in life by revealing potential weaknesses and then crafting creative solutions to eliminate those weaknesses. Your skills will be the foundation of security initiatives that protect the security and privacy of over two billion people. You will be relied upon to provide engineering and product teams with the web, mobile, or native code security expertise necessary to make informed product decisions. Come help us make life hard for the bad guys. **Required Skills:** Product Security Engineer, AI Responsibilities: 1. Security Reviews: perform manual design and implementation reviews of products and services that make up the Meta ecosystem, like Instagram, WhatsApp, Oculus, Portal, and more 2. Developer Guidance: provide guidance and education to developers that help prevent the authoring of vulnerabilities 3. Automated Analysis and Secure Frameworks: build automation (static and dynamic analysis) and frameworks with software engineers that enable Meta to scale consistently across all of our products **Minimum Qualifications:** Minimum Qualifications: 4. BS or MS in Computer Science or a related field, or equivalent experience 5. 8+ years of experience finding vulnerabilities in interpreted languages. Knowledge of best practice secure code development 6. Experience with exploiting common security vulnerabilities 7. Knowledge of common exploit mitigations and how they work 8. Coding and scripting experience in one or more general purpose languages **Preferred Qualifications:** Preferred Qualifications: 9. Experience creating software that enables security processes, especially those leveraging AI/ML for automation or augmentation 10. Experience creating software that enables security processes 11. 8+ years of experience finding vulnerabilities in C/C++ code 12. Contributions to the security community (public research, blogging, presentations, bug bounty) 13. Demonstrated ability to collaborate with AI researchers or engineers to apply AI in security workflows **Public Compensation:** $177,000/year to $251,000/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

Meta Security is looking for a threat intelligence investigator with extensive experience in investigating cyber threats with an intelligence-driven approach. You will be proactively responding to a broad set of security threats, as well as tracking actor groups with an interest or capability to target Meta and its employees. You will also be identifying the gaps in current detections and preventions by long-term intelligence tracking and research, and working with cross-functional stakeholders to improve Meta's security posture. You will help the team establish, lead and execute multi-year roadmaps that improve research efficiency and quality across the team, and drive improvements to stakeholder management across a broad range of intelligence requirements. **Required Skills:** Detection & Response Security Engineer, Threat Intelligence Responsibilities: 1. Influence and align the team's vision and strategy. Collaboratively prioritize and deliver specific multi-year roadmaps and projects 2. Build, cultivate, and maintain impactful relationships with intelligence stakeholders to identify and facilitate solutions to increase the impact of the team's work 3. Refine operational metrics, key performance indicators, and service level objectives to measure Intelligence research and services 4. Lead cross-functional projects to improve the security posture of Meta's infrastructure, such as red team operations, surface detection coverage expansion and vulnerability management discussions 5. Track threat clusters posing threats to Meta's infrastructure and employees, and identify, develop and implement countermeasures on our corporate network 6. Investigate, mitigate, and forecast emerging technical trends and communicate effectively with actionable suggestions to different types of audiences 7. Work closely with incident responders to provide useful and timely intelligence to enrich ongoing investigations 8. Improve the tooling of threat cluster tracking and intelligence data integration to existing systems **Minimum Qualifications:** Minimum Qualifications: 9. 8+ years threat intelligence experience 10. B.S. or M.S. in Computer Science or related field, or equivalent experience 11. Be a technical and process subject matter expert regarding Security Operations and Threat Intelligence services 12. Experience developing and delivering information on threats, incidents and program status for leadership 13. Expertise with campaign tracking techniques and converting tracking results to long term countermeasures 14. Expertise with threat modeling frameworks, such as Diamond Model or/and MITRE ATT&CK framework 15. Experience intelligence-driven hunting to spot suspicious activities in the network and identify potential risks 16. Proven track record of managing and executing on short term and long term projects 17. Ability to work with a team spanning multiple locations/time zones 18. Ability to prioritize and execute tasks with minimal direction or oversight 19. Ability to think critically and qualify assessments with solid communications skills 20. Coding or scripting experience in one or more scripting languages such as Python or PHP **Preferred Qualifications:** Preferred Qualifications: 21. Experience recruiting, building, and leading technical teams, including performance management 22. Experience close collaborating with incident responders on incident investigations 23. Experience in threat hunting including leveraging intelligence data to proactively identify and iteratively investigates suspicious behavior across networks and systems 24. Familiarity with malware analysis or network traffic analysis 25. Familiarity with nation-state, sophisticated criminal, or supply chain threats 26. Familiarity with file-based or network-based rules and signatures for detection and tracking of complex threats, such as YARA or Snort 27. Experience in one or more query languages such as SQL 28. Experience authoring production code for threat intelligence tooling 29. Experience conducting large scale data analysis 30. Experience working across the broader security community **Public Compensation:** $177,000/year to $251,000/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

To help Meta secure its millions of technology assets, we're seeking a Security Engineer with software development skills to help us build and improve a system that measures the security risk of different assets around the world. This system, called Security Impact Rating (SIR), helps prioritize security efforts by identifying which assets pose the greatest potential risk. If building scalable security solutions to help protect the data of billions of users sounds exciting, this might be the role for you. **Required Skills:** Security Engineer (Builder) Responsibilities: 1. Rank different types of technology assets based on their security risks 2. Identify and collect security signals (data points) that indicate the risk level of each asset 3. Design algorithms that calculate a security risk score for assets based on these signals and their relationships 4. Create code to implement these algorithms and integrate them into the company's security infrastructure 5. Validate and test the accuracy of the risk scores through manual review and automated testing 6. Collaborate with other engineers, security analysts, and stakeholders to review designs, share progress, and communicate results 7. Monitor the system after launch to ensure it continues to provide accurate and useful risk ratings, and make improvements as needed 8. Author clear technical documentation **Minimum Qualifications:** Minimum Qualifications: 9. 2+ years of experience in designing and implementing security systems, tools, or frameworks 10. Demonstrated programming skills in languages commonly used for backend development (e.g., PHP, Python, SQL) 11. Experience designing and implementing algorithms that process complex data 12. Familiarity with security fundamentals such as access control, data sensitivity, data classification methodology, and risk assessment 13. Problem-solving skills and attention to detail 14. Extensive knowledge of attacker tactics, techniques, and procedures 15. Proficiency in coding with experience in languages such as Python, C/C++, Go, or equivalent 16. Experience collaborating with technical and non-technical stakeholders 17. Ability to rapidly prototype and iterate on security solutions **Preferred Qualifications:** Preferred Qualifications: 18. Experience coding and debugging with AI-assisted tools 19. Experience with AI prompt engineering **Public Compensation:** $117,000/year to $173,000/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

info_outline XNote: By applying to this position you will have an opportunity to share your preferred working location from the following: Kirkland, WA, USA; Sunnyvale, CA, USA. Minimum qualifications: Bachelor's degree or equivalent practical experience. 8 years of coding experience in one or more general purpose languages (e.g., Python, C, C++, Java, Go). 8 years of enterprise security engineering experience. 5 years of experience in security leading teams in a technical capacity or leading technical risk analysis in an enterprise environment. Preferred qualifications: Experience in representing security in cloud use. Knowledge of security principles with a focus on identity. About the job There's no such thing as a "safe system" - only safer systems. Our Security team works to create and maintain the safest operating environment for Google's users and developers. As a Security Engineer, you help protect network boundaries, keep computer systems and network devices hardened against attacks and provide security services to protect highly sensitive data like passwords and customer information. Security Engineers work directly with network equipment and actively monitor our systems for attacks and intrusions. You also work with software engineers to proactively identify and fix security flaws and vulnerabilities. You use your industry experience to own and drive the resolution of complex security incidents, policy questions and technical security issues. The Alphabet Identity team manages identity risks for Alphabet including how we onboard, authenticate, and ensure that only the right folks gain access to the sensitive data at Google. That means how we use physical security tokens, badges, trusted platform modules, single sign on, identity verification, biometrics, and other controls across all our environments including Corp, Production and Cloud but also with all our third-party connections including across various SaaS, Bets, and Acquisitions. The work here controls the daily experience of every Googler (and also the daily experience of the many nation state attackers trying to gain access to Google). Identity manages this for Google by setting policy, engineering solutions, and working with partners across the company. In addition, the Identity Team partners with internal teams on hardware development, with external standards bodies, and with major vendors on new innovative solutions to move the industry forward. The Core team builds the technical foundation behind Google's flagship products. We are owners and advocates for the underlying design elements, developer platforms, product components, and infrastructure at Google. These are the essential building blocks for excellent, safe, and coherent experiences for our users and drive the pace of innovation for every developer. We look across Google's products to build central solutions, break down technical barriers and strengthen existing systems. As the Core team, we have a mandate and a unique opportunity to impact important technical decisions across the company. The US base salary range for this full-time position is $197,000-$291,000 + bonus + equity + benefits. Our salary ranges are determined by role, level, and location. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training. Your recruiter can share more about the specific salary range for your preferred location during the hiring process. Please note that the compensation details listed in US role postings reflect the base salary only, and do not include bonus, equity, or benefits. Learn more about benefits at Google. Responsibilities Own security strategy and outcomes at Google around Identity and Account Life-cycle Management over a long time horizon. Exhibit technical security leadership across multiple groups, influencing stakeholders, risk decisions, security designs, and plans with engaging priorities to align on outcomes in the best interest of Google. Use your deep understanding of security technologies, tools, infrastructure, and processes to improve Identity and Account Life-cycle Management at Google. Partner with individual contributors, technical leads, managers, partner teams, and executive leadership to prioritize security engineering efforts to address risks and meet business objectives. Make individual contributions to select design and policy decisions, drive and conclude information security risk discussions and escalations up to and including VP level.

_corporate_fare_ Google _place_ Kirkland, WA, USA; Sunnyvale, CA, USA **Advanced** Experience owning outcomes and decision making, solving ambiguous problems and influencing stakeholders; deep expertise in domain. _info_outline_ XNote: By applying to this position you will have an opportunity to share your preferred working location from the following: **Kirkland, WA, USA; Sunnyvale, CA, USA** . **Minimum qualifications:** + Bachelor's degree or equivalent practical experience. + 8 years of coding experience in one or more general purpose languages (e.g., Python, C, C++, Java, Go). + 8 years of enterprise security engineering experience. + 5 years of experience in security leading teams in a technical capacity or leading technical risk analysis in an enterprise environment. **Preferred qualifications:** + Experience in representing security in cloud use. + Knowledge of security principles with a focus on identity. **About the job** There's no such thing as a "safe system" - only safer systems. Our Security team works to create and maintain the safest operating environment for Google's users and developers. As a Security Engineer, you help protect network boundaries, keep computer systems and network devices hardened against attacks and provide security services to protect highly sensitive data like passwords and customer information. Security Engineers work directly with network equipment and actively monitor our systems for attacks and intrusions. You also work with software engineers to proactively identify and fix security flaws and vulnerabilities. You use your industry experience to own and drive the resolution of complex security incidents, policy questions and technical security issues. The Alphabet Identity team manages identity risks for Alphabet including how we onboard, authenticate, and ensure that only the right folks gain access to the sensitive data at Google. That means how we use physical security tokens, badges, trusted platform modules, single sign on, identity verification, biometrics, and other controls across all our environments including Corp, Production and Cloud but also with all our third-party connections including across various SaaS, Bets, and Acquisitions. The work here controls the daily experience of every Googler (and also the daily experience of the many nation state attackers trying to gain access to Google). Identity manages this for Google by setting policy, engineering solutions, and working with partners across the company. In addition, the Identity Team partners with internal teams on hardware development, with external standards bodies, and with major vendors on new innovative solutions to move the industry forward. The Core team builds the technical foundation behind Google's flagship products. We are owners and advocates for the underlying design elements, developer platforms, product components, and infrastructure at Google. These are the essential building blocks for excellent, safe, and coherent experiences for our users and drive the pace of innovation for every developer. We look across Google's products to build central solutions, break down technical barriers and strengthen existing systems. As the Core team, we have a mandate and a unique opportunity to impact important technical decisions across the company. The US base salary range for this full-time position is $197,000-$291,000 + bonus + equity + benefits. Our salary ranges are determined by role, level, and location. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training. Your recruiter can share more about the specific salary range for your preferred location during the hiring process. Please note that the compensation details listed in US role postings reflect the base salary only, and do not include bonus, equity, or benefits. Learn more aboutbenefits at Google (************************************* . **Responsibilities** + Own security strategy and outcomes at Google around Identity and Account Life-cycle Management over a long time horizon. + Exhibit technical security leadership across multiple groups, influencing stakeholders, risk decisions, security designs, and plans with engaging priorities to align on outcomes in the best interest of Google. + Use your deep understanding of security technologies, tools, infrastructure, and processes to improve Identity and Account Life-cycle Management at Google. + Partner with individual contributors, technical leads, managers, partner teams, and executive leadership to prioritize security engineering efforts to address risks and meet business objectives. + Make individual contributions to select design and policy decisions, drive and conclude information security risk discussions and escalations up to and including VP level. Information collected and processed as part of your Google Careers profile, and any job applications you choose to submit is subject to Google'sApplicant and Candidate Privacy Policy (./privacy-policy) . Google is proud to be an equal opportunity and affirmative action employer. We are committed to building a workforce that is representative of the users we serve, creating a culture of belonging, and providing an equal employment opportunity regardless of race, creed, color, religion, gender, sexual orientation, gender identity/expression, national origin, disability, age, genetic information, veteran status, marital status, pregnancy or related condition (including breastfeeding), expecting or parents-to-be, criminal histories consistent with legal requirements, or any other basis protected by law. See also Google's EEO Policy (******************************************************* ,Know your rights: workplace discrimination is illegal (**************************************************************************** ,Belonging at Google (******************************** , and How we hire (**************************************** . If you have a need that requires accommodation, please let us know by completing our Accommodations for Applicants form (*************************************** . Google is a global company and, in order to facilitate efficient collaboration and communication globally, English proficiency is a requirement for all roles unless stated otherwise in the job posting. To all recruitment agencies: Google does not accept agency resumes. Please do not forward resumes to our jobs alias, Google employees, or any other organization location. Google is not responsible for any fees related to unsolicited resumes. Google is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. See also ******************************* and ************************************************************* If you have a need that requires accommodation, please let us know by completing our Accommodations for Applicants form: ***************************************