55
Top TechCompanies
43k
Top ActiveJobs
38m
Age OfNewest Job

Security Engineer - Vulnerability Management

MetaApplyPublished 3 days agoFirst seen 2 hours ago
Apply

Description

The Meta Central Security Organization is seeking a committed and experienced Security Engineer to help us mature Meta’s security posture through our vulnerability management program. Our team strives to go beyond identifying vulnerabilities by preventing security problems during the development process to eliminate entire classes of vulnerabilities through collaboration with cross-functional partners to measure and improve how to identify, fix, and prevent vulnerabilities.

Responsibilities

Analyze vulnerabilities to determine the real impact to our systems and applications, incorporating threat intelligence Drive solutions that enable high fidelity vulnerability contextualization, tracking, and remediation Influence what areas of the vulnerability pipeline would most benefit from automation to improve operational efficiency and influence the team to prioritize the work Dive into large datasets to identify strategic opportunities for security posture improvement Influence the Meta-wide vulnerability management strategy, collaborating with partners to deliver multi-year roadmaps, while coaching and supporting team members Provide rapid-response vulnerability analysis for active zero-days and participate in regular on-call vulnerability management rotation

Qualifications

B.S. or M.S. in Computer Science or related field, or equivalent experience 5+ years of experience in identifying security vulnerabilities, issues, risks, and developing mitigation plans 4+ years of experience in network, system, or software architecture: design, implementation, support, and evaluation of security-focused tools and services Be a technical and process subject matter expert regarding vulnerability management operations and company-wide programs to address the risk at scale Experience responding to both external and insider threats Coding/scripting experience in one or more general purpose languages Experience generating automated metrics to measure service and program effectiveness and consistency Experience making contributions to the security or privacy community (public research, blogging, presentations, etc.) Background in malware analysis, digital forensics, intrusion detection, and/or threat intelligence Broad knowledge across the security domain Experience with attacker tactics, techniques, and procedures

Compensation: $154,000/year to $217,000/year + bonus + equity + benefits