Meta Platforms
Product Security Engineer, Instagram
Meta Platforms, Menlo Park, California, United States, 94029
Product Security Engineer, Instagram
The Instagram Security Ecosystems team is seeking a product-focused security engineer interested in enabling Instagram product teams to develop features with a focus on security and user safety. You will be relied upon to directly work with Instagram engineers, hardening both product features and our protective frameworks that make life harder for bad actors on the Instagram platform. Responsibilities
Responsibilities include: Threat Modeling and Security Architecture: Work directly with product managers and technical leads on threat models and security architecture for novel Instagram features or products Security Reviews: Perform manual design and implementation reviews of web, mobile, and native code Developer Guidance: Provide guidance and education to developers that help prevent the authoring of vulnerabilities Automated Analysis and Secure Frameworks: Work with other security teams to improve Instagram's static and dynamic analysis and frameworks to scale coverage Bug Bounty: Help provide technical guidance to our world class bug bounty program and independent security researchers Industry Impact: Push the industry forward through conference talks and open source projects to contribute broadly to security for the world Minimum Qualifications
Minimum qualifications include: B.S. or M.S. in Computer Science, Cybersecurity, or related field, or equivalent experience 8+ years of experience finding vulnerabilities in interpreted languages (Python, PHP) Extensive, proven experience in threat modeling and secure systems design Experience with exploiting common security vulnerabilities Preferred Qualifications
Preferred qualifications include: Product software engineering or product management experience Experience in security consulting or other leadership-facing security advisory roles Familiarity with cybersecurity investigations, abuse operations, and/or security incident response Contributions to the security community (public research, blogging, presentations, bug bounty, etc.)
The Instagram Security Ecosystems team is seeking a product-focused security engineer interested in enabling Instagram product teams to develop features with a focus on security and user safety. You will be relied upon to directly work with Instagram engineers, hardening both product features and our protective frameworks that make life harder for bad actors on the Instagram platform. Responsibilities
Responsibilities include: Threat Modeling and Security Architecture: Work directly with product managers and technical leads on threat models and security architecture for novel Instagram features or products Security Reviews: Perform manual design and implementation reviews of web, mobile, and native code Developer Guidance: Provide guidance and education to developers that help prevent the authoring of vulnerabilities Automated Analysis and Secure Frameworks: Work with other security teams to improve Instagram's static and dynamic analysis and frameworks to scale coverage Bug Bounty: Help provide technical guidance to our world class bug bounty program and independent security researchers Industry Impact: Push the industry forward through conference talks and open source projects to contribute broadly to security for the world Minimum Qualifications
Minimum qualifications include: B.S. or M.S. in Computer Science, Cybersecurity, or related field, or equivalent experience 8+ years of experience finding vulnerabilities in interpreted languages (Python, PHP) Extensive, proven experience in threat modeling and secure systems design Experience with exploiting common security vulnerabilities Preferred Qualifications
Preferred qualifications include: Product software engineering or product management experience Experience in security consulting or other leadership-facing security advisory roles Familiarity with cybersecurity investigations, abuse operations, and/or security incident response Contributions to the security community (public research, blogging, presentations, bug bounty, etc.)