The Insider Trust team is looking for a highly motivated Security Engineer to build and improve internal tools and systems to detect malicious activities related to insider threats. Candidates are expected to analyze and monitor internal tools, hunt for insider threats against company data and infrastructure, and and have the ability to carry out complex internal investigations from collection to reporting. As part of the role, this person will work side by side with our engineering teams to build advanced detection solutions to help keep systems and information safe, and partner closely with our Human Resources and Legal teams to carry out complex investigations. We are looking for people that have a strong technical background, experience with computer forensics, data analytics, system and network administration, and the ability to build tools and/or automate tasks.
Security Engineer, Insider Trust Responsibilities
- Lead cross-functional projects to improve our capabilities to effectively detect and respond to internal threats and security incidents
- Leverage threat modeling and analysis to build event and/or behavioral based detections to protect our critical assets and infrastructure
- Perform analysis of logs from a variety of sources (e.g., individual host logs, network traffic logs) to identify potential insider threats
- Build operational workflows and actions that auto-resolve false positives and provide context scaling our ability to investigate
- Identify gaps in our infrastructure, and work with software engineers, product managers, and business partners to gain visibility through logging and detection
- Perform live response, digital forensics, and analysis of a wide variety of assets including endpoints, mobile, servers and networking equipment
- Conduct insider trust investigations in a cross-functional environment and drive incident resolution
- 3+ years experience in an incident response and/or detection engineering role
- 3+ years programming experience with at least one of the following languages: Python, Python, PHP, and/or C++.
- 2+ years experience writing detection rules using anomaly based methods
- Master's degree in Computer Science/Engineering
- Networking and system administration experience of server (Linux, Windows) and client (Windows, macOS, Linux) operating systems
- Familiarity with multiple forensic tools (e.g. SIFT Workstation, Sleuthkit, F-Response Enterprise, EnCase, FTK, Cellebrite, X-Ways, Volatility, or open source tools) to perform analysis and/or memory collection
Individual pay is determined by skills, qualifications, experience, and location. Compensation details listed in this posting reflect the base salary only, and do not include bonus, equity or sales incentives, if applicable. In addition to base salary, Meta offers benefits. Learn more about benefits at Meta.