Security Engineer, Insider Trust - Menlo Park, CA | Seattle, WA | Washington, DC | New York, NY | Remote, US
As part of Meta Security, our Insider Trust team is focused on identifying and responding to insider threats to data. The team's mission is to identify malicious use of otherwise legitimate access to data from people inside the company and respond to it before damage is done. We investigate across a broad spectrum of abuse including abuse of user data, intellectual property, and leaks of sensitive information. We collaborate with software engineering teams to build advanced detection capabilities and understand how abuse happens so that we can stay ahead of those who are interested in misusing their access.
The Insider Trust team is looking for a highly motivated Security Engineer to build and improve internal tools and systems to detect malicious activities related to insider threats. Candidates are expected to analyze and monitor internal tools, hunt for insider threats against company data and infrastructure, and and have the ability to carry out complex internal investigations from collection to reporting. As part of the role, this person will work side by side with our engineering teams to build advanced detection solutions to help keep systems and information safe, and partner closely with our Human Resources and Legal teams to carry out complex investigations. We are looking for people that have a strong technical background, experience with computer forensics, data analytics, system and network administration, and the ability to build tools and/or automate tasks.
Security Engineer, Insider Trust Responsibilities
Individual pay is determined by skills, qualifications, experience, and location. Compensation details listed in this posting reflect the base salary only, and do not include bonus, equity or sales incentives, if applicable. In addition to base salary, Meta offers benefits. Learn more about benefits at Meta. Apply
The Insider Trust team is looking for a highly motivated Security Engineer to build and improve internal tools and systems to detect malicious activities related to insider threats. Candidates are expected to analyze and monitor internal tools, hunt for insider threats against company data and infrastructure, and and have the ability to carry out complex internal investigations from collection to reporting. As part of the role, this person will work side by side with our engineering teams to build advanced detection solutions to help keep systems and information safe, and partner closely with our Human Resources and Legal teams to carry out complex investigations. We are looking for people that have a strong technical background, experience with computer forensics, data analytics, system and network administration, and the ability to build tools and/or automate tasks.
Security Engineer, Insider Trust Responsibilities
- Lead cross-functional projects to improve our capabilities to effectively detect and respond to internal threats and security incidents
- Leverage threat modeling and analysis to build event and/or behavioral based detections to protect our critical assets and infrastructure
- Perform analysis of logs from a variety of sources (e.g., individual host logs, network traffic logs) to identify potential insider threats
- Build operational workflows and actions that auto-resolve false positives and provide context scaling our ability to investigate
- Identify gaps in our infrastructure, and work with software engineers, product managers, and business partners to gain visibility through logging and detection
- Perform live response, digital forensics, and analysis of a wide variety of assets including endpoints, mobile, servers and networking equipment
- Conduct insider trust investigations in a cross-functional environment and drive incident resolution
- 3+ years experience in an incident response and/or detection engineering role
- 3+ years programming experience with at least one of the following languages: Python, Python, PHP, and/or C++.
- 2+ years experience writing detection rules using anomaly based methods
- Master's degree in Computer Science/Engineering
- Networking and system administration experience of server (Linux, Windows) and client (Windows, macOS, Linux) operating systems
- Familiarity with multiple forensic tools (e.g. SIFT Workstation, Sleuthkit, F-Response Enterprise, EnCase, FTK, Cellebrite, X-Ways, Volatility, or open source tools) to perform analysis and/or memory collection
Individual pay is determined by skills, qualifications, experience, and location. Compensation details listed in this posting reflect the base salary only, and do not include bonus, equity or sales incentives, if applicable. In addition to base salary, Meta offers benefits. Learn more about benefits at Meta. Apply
Job Profile
Regions Countries Benefits/PerksBenefits Bonus Equity Long term conditions Mental health conditions Pregnancy-related support Religious beliefs
SkillsAccess C C++ Computer Forensics Computer Science Data & Analytics Detection Engineering Engineering Legal Linux Modeling Network administration Networking Operating Systems PHP Python Recruiting Software Engineering System Administration Technical Threat modeling
Tasks- Analyze logs from various sources
- Build event and/or behavioral based detections
- Build operational workflows
- Conduct live response and digital forensics
- Drive incident resolution
- Lead cross-functional projects
3+ years
EducationAnalytics Computer Science Data Analytics Engineering Master's degree Master’s Degree in Computer Science Master's Degree in Engineering Physics
TimezonesAmerica/Anchorage America/Chicago America/Denver America/Los_Angeles America/New_York Pacific/Honolulu UTC-10 UTC-4 UTC-5 UTC-6 UTC-7 UTC-8 UTC-9