Facebook Security Engineer, Threat Detection in Menlo Park, California


Facebook's mission is to give people the power to build community and bring the world closer together. Through our family of apps and services, we're building a different kind of company that connects billions of people around the world, gives them ways to share what matters most to them, and helps bring people closer together. Whether we're creating new products or helping a small business expand its reach, people at Facebook are builders at heart. Our global teams are constantly iterating, solving problems, and working together to empower people around the world to build community and connect in meaningful ways. Together, we can help people build stronger communities — we're just getting started.


Facebook Security is looking for a Threat Detection Engineer with extensive experience in analysis of malware and intrusions. You will be the first line of defense for Facebook's infrastructure. You will advance Facebook's mission of making the world more open and connected by quickly identifying and analyzing threats that aim to collect sensitive/proprietary information or disrupt our business. We are looking for someone who loves hunting for bad guys, analyzing their malware, and developing new signatures or methodologies to track their activity.

Required Skills:

  1. Drive proactive identification of threats to the environment and rapid deployment of countermeasures

  2. Develop and maintain industry relationships and relationships with members of the law enforcement, threat intelligence and digital asset protection communities

  3. Make threat intelligence actionable by integrating it with existing or novel detection capabilities

  4. Analyze malware, packets, alerts and logs for signs of malicious activity

  5. Write signatures and tools to analyze and detect malicious activity

Minimum Qualifications:

  1. Experience developing, collecting and analyzing threat intelligence

  2. Bachelor's degree or equivalent experience in Security

  3. Background in malware analysis, intrusion detection and threat intelligence

  4. Experience writing analysis tools in C/C++, Python, PHP or a similar language

  5. Experience with rule-driven and analysis-driven network platforms like Bro and Suricata

  6. Experience in cyber intelligence analytic methodologies such as Kill Chain, Diamond Model, threat modeling

  7. Experience with TCP/IP networking and networking services such as DNS, SMTP and DHCP

Industry: Internet

Equal Opportunity: As part of our dedication to the diversity of our workforce, Facebook is committed to Equal Employment Opportunity without regard for race, color, national origin, ethnicity, gender, protected veteran status, disability, sexual orientation, gender identity, or religion. We are also committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or an accommodation due to a disability, you may contact us at accommodations-ext@fb.com or you may call us at 1+650-308-7837.