Utilizing Meta’s tooling, you will monitor security events in real time, assess external and internal threats, and provide an accurate and timely response. You will collaborate closely with technical teams that bring a diverse set of skills to tackle the panoply of unique security challenges that we encounter at Meta scale.

Security Analyst, Security Operations and Incident Response Responsibilities
- Investigate and respond to external and internal cybersecurity threats in a timely manner while communicating clearly and proactively until remediation.
- Drive changes to processes that scale across teams and regions and affect organizations outside Security.
- Act as an escalation point for Tier1 investigations, and contribute to the development of the Tier1 capability and related service level objectives.
- Document security investigations and produce high-quality, accurate reports for a wide range of stakeholders.
- Collaborate with Security Engineers and cross-functional teams to investigate and remediate large scale security incidents.
- Support root cause analysis of security incidents, identify control gaps, and recommend mitigation strategies.
- Collaborate with cross-functional teams to drive improvements to security policies, processes and tools.
- Improve the effectiveness and efficiency of the Security Operations and Incident Response team including development and refinement of processes and technical capabilities.
- Understand and support requirements of internal and external stakeholders, regulators, and auditors.
- 6+ years of professional experience in a Security Operations Center, Incident Response, or relevant investigative role.
- 6+ years of experience navigating and understanding Windows, macOS, and Linux operating systems.
- Knowledge of networking technologies, specifically TCP/IP and related protocols.
- Experience analyzing network and host-based security events.
- Professional experience using a wide range of investigative tools including EDR, SIEM/SOAR, UBA.
- Professional experience with database query languages.
- Professional experience handling digital forensic evidence and writing reports to support internal investigations.
- Experience with attacker tactics, techniques, and procedures.
- Experience making important decisions independently and multi-tasking under pressure.
- Experience responding quickly to changing situations without compromising quality.
- Previous experience as a Lead Security Analyst in a large and regulated organization.
- Experience handling and triaging malware.
- Experience driving changes to processes and tools that scale across a global security operations team.
- Experience working in a 24x7 operational environment, and a track record of defining, implementing and measuring success of operational programs.