Facebook Security Engineering Manager, Incident Response in London, United Kingdom


Facebook's mission is to give people the power to build community and bring the world closer together. Through our family of apps and services, we're building a different kind of company that connects billions of people around the world, gives them ways to share what matters most to them, and helps bring people closer together. Whether we're creating new products or helping a small business expand its reach, people at Facebook are builders at heart. Our global teams are constantly iterating, solving problems, and working together to empower people around the world to build community and connect in meaningful ways. Together, we can help people build stronger communities — we're just getting started.


We are looking for a strong leader to manage and grow our breach detection and incident response team in London. The Facebook detection and response team is responsible for creating and analyzing detection signals, hunting for intrusions, and mounting a world-class response to attacks across the breadth of Facebook infrastructure and service layers. We're searching for a security innovator; someone who empowers teams of top-notch analysts to continually expand our capability to detect and respond to attacks. Over a billion people rely on our services as part of their daily lives. Whether they be family, friends or someone we've never met, people trust our services and infrastructure to be secure. Your work and expertise in building and leading this team will have an immediate global impact in upholding that promise. As a successful candidate, you will be a leader who is expected to define and execute a strategy that continually raises the industry bar around detection and response. You will be able to build, grow, and motivate a high performing team that is bold, innovative, and operations-driven. You will be an effective communicator regardless of audience or medium and be able to explain complex security issues simply. You will be able to consider the impact of tactical and strategic decisions by balancing their technical merit with any potential real-world risks. The successful candidate will play a pivotal part in expanding a robust and rapidly expanding security practice. Competitive Salary including the following benefits apply:* Medical Benefits * Dental Benefits * Vision Benefits * Pension Benefits * Life Assurance * Childcare Benefits * Gym Benefits* Transport benefits* Laundry Benefit * Posted:05 October 2017 Closing date*:28 November 2017

Required Skills:

  1. Define and drive a cohesive and defensible security strategy that inspires the team and is easy to understand and communicate both internally and externally.

  2. Build and run a world class security detection, analysis, and incident response program that is prepared and effective at identifying and responding to any type of security incident.

  3. Effectively scale by attracting and mentoring great people at various levels of experience to grow a well balanced, high performing team.

  4. Deliver innovative solutions to continually improve our incident detection, proactive hunting and IR capabilities at scale, across numerous products and platforms.

  5. Empower and leverage the open Facebook engineering culture.

  6. Have passion for real security and be able to positively spread this enthusiasm to partner teams across the organisation.

  7. Articulate security detection ideas and requirements clearly and be able to demonstrate the importance of a requirement via real world examples or data, while avoiding theoretical or hypothetical arguments.

  8. Build a data-driven operational program that continually improves over time based on meaningfully designed measurements.

Minimum Qualifications:

  1. 10+ years of relevant work experience, including hands-on technical management, subject matter expertise, and a proven ability to contribute at both strategic and operational levels

  2. Demonstrated ability to recruit and manage high performing technical teams

  3. Must be able to effectively develop and communicate a detection and response program with a forward looking strategy around scaling with Facebook's growth.

  4. Must be able to translate highly technical concepts into language that is meaningful to many audiences, including software engineers, business and technical leaders and external security community members and press.

  5. BA/BS in Computer Science

  6. MS in Information Security Policy and Management

Industry: Internet