Meta
Detection & Response Security Engineer, Threat Intelligence
Meta, New York, New York, us, 10261
Detection & Response Security Engineer, Threat Intelligence
Meta Security is looking for a threat intelligence investigator with extensive experience in investigating cyber threats with an intelligence‑driven approach. The role involves proactively responding to a broad set of security threats, tracking actor groups interested in targeting Meta and its employees, identifying gaps in current detections, and collaborating with cross‑functional stakeholders to improve Meta’s security posture.
Base pay range:
$117,000.00/yr – $173,000.00/yr
Responsibilities
Track threat clusters posing threats to Meta’s infrastructure and employees, and identify, develop and implement countermeasures on the corporate network.
Investigate, mitigate, and forecast emerging technical trends, and communicate actionable suggestions to various audiences.
Work closely with incident responders to provide intelligence that enriches ongoing investigations.
Improve the tooling of threat‑cluster tracking and intelligence data integration into existing systems.
Engage constructively in cross‑functional projects to improve the security posture of Meta’s infrastructure, such as red team operations, surface detection coverage expansion, and vulnerability management discussions.
Minimum Qualifications
3+ years of threat intelligence experience.
Bachelor’s degree or equivalent experience in Security.
Familiarity with campaign tracking techniques and ability to convert tracking results into long‑term countermeasures.
Familiarity with threat‑modeling frameworks such as the Diamond Model or MITRE ATT&CK.
Experience with intelligence‑driven hunting to spot suspicious network activities and identify potential risks.
Proven track record of managing and executing short‑term and long‑term projects.
Ability to work with a team spanning multiple locations/time zones.
Ability to prioritize and execute tasks with minimal direction or oversight.
Strong critical‑thinking and communication skills.
Programming or scripting experience in languages such as Python or PHP.
Preferred Qualifications
Experience collaborating with incident responders on investigations.
Familiarity with malware analysis or network traffic analysis.
Familiarity with nation‑state, sophisticated criminal, or supply‑chain threats.
Experience with file‑based or network‑based rules and signatures (e.g., YARA, Snort).
Experience with query languages such as SQL.
Experience authoring production code for threat‑intelligence tooling.
Experience conducting large‑scale data analysis.
Experience working across the broader security community.
Equal Employment Opportunity Meta is proud to be an Equal Employment Opportunity and affirmative action employer. We do not discriminate based on race, religion, color, national origin, sex, sexual orientation, gender identity, gender expression, transgender status, age, protected veteran status, disability, or other legally protected characteristics. Meta also considers qualified applicants with criminal histories, consistent with applicable law. Meta participates in the E‑Verify program where required. Meta may use artificial intelligence and machine learning in connection with applications. We provide reasonable accommodations for candidates with disabilities.
#J-18808-Ljbffr
Base pay range:
$117,000.00/yr – $173,000.00/yr
Responsibilities
Track threat clusters posing threats to Meta’s infrastructure and employees, and identify, develop and implement countermeasures on the corporate network.
Investigate, mitigate, and forecast emerging technical trends, and communicate actionable suggestions to various audiences.
Work closely with incident responders to provide intelligence that enriches ongoing investigations.
Improve the tooling of threat‑cluster tracking and intelligence data integration into existing systems.
Engage constructively in cross‑functional projects to improve the security posture of Meta’s infrastructure, such as red team operations, surface detection coverage expansion, and vulnerability management discussions.
Minimum Qualifications
3+ years of threat intelligence experience.
Bachelor’s degree or equivalent experience in Security.
Familiarity with campaign tracking techniques and ability to convert tracking results into long‑term countermeasures.
Familiarity with threat‑modeling frameworks such as the Diamond Model or MITRE ATT&CK.
Experience with intelligence‑driven hunting to spot suspicious network activities and identify potential risks.
Proven track record of managing and executing short‑term and long‑term projects.
Ability to work with a team spanning multiple locations/time zones.
Ability to prioritize and execute tasks with minimal direction or oversight.
Strong critical‑thinking and communication skills.
Programming or scripting experience in languages such as Python or PHP.
Preferred Qualifications
Experience collaborating with incident responders on investigations.
Familiarity with malware analysis or network traffic analysis.
Familiarity with nation‑state, sophisticated criminal, or supply‑chain threats.
Experience with file‑based or network‑based rules and signatures (e.g., YARA, Snort).
Experience with query languages such as SQL.
Experience authoring production code for threat‑intelligence tooling.
Experience conducting large‑scale data analysis.
Experience working across the broader security community.
Equal Employment Opportunity Meta is proud to be an Equal Employment Opportunity and affirmative action employer. We do not discriminate based on race, religion, color, national origin, sex, sexual orientation, gender identity, gender expression, transgender status, age, protected veteran status, disability, or other legally protected characteristics. Meta also considers qualified applicants with criminal histories, consistent with applicable law. Meta participates in the E‑Verify program where required. Meta may use artificial intelligence and machine learning in connection with applications. We provide reasonable accommodations for candidates with disabilities.
#J-18808-Ljbffr