Skip to main content

Security Engineer, Threat Detection and Response, F2 (Facebook Financial)

Posted: 21 Jun 2021 Closes: 21 Jul 2021
Tel Aviv, Israel Competitive
Permanent & Full-time 1588307999

F2 (Facebook Financial) is a product group at Facebook focused on building products to ensure that everyone, everywhere has access to the world's financial system to accelerate financial inclusion and economic empowerment. We're looking for a Security Engineer to work closely with Software Engineers, Security Engineers, Compliance, and Legal to support threat detection and response engineering at F2. You will be responding to threats, building advanced and novel detection mechanisms, performing searches for sophisticated and previously unknown malware, and developing systems to automate remediation. You'll work with some of the brightest minds in the industry in a data driven culture, use cutting edge technology, and see your efforts affect products and people on a regular basis. You should have a passion for detecting malicious activity, responding to intrusions, and developing new signatures or methodologies to detect bad activity.

Security Engineer, Threat Detection and Response, F2 (Facebook Financial) Responsibilities

  • Search for gaps in our infrastructure: proactively identify malicious activity that we are not currently able to detect

  • Analyze logs, packets, and alerts for signs of malicious activity

  • Create signatures and tools to analyze and detect malicious activity

  • Build automation for response and remediation of malicious activity

  • Support incident response by investigating security intrusions

  • Drive implementation of countermeasures, mitigations, and containment

Minimum Qualifications

  • Bachelors degree in Computer Science or equivalent experience

  • 4+ years of experience in detection, response, or security engineering.

  • Experience designing and building out security monitoring to aid in detection or forensic investigations

  • Coding/scripting experience in one or more general purpose languages

  • Knowledge of networking technologies, specifically TCP/IP and the related protocols

  • Knowledge of operating systems, file systems, and memory on MacOS, Linux or Windows

  • Experience with attacker tactics, techniques and procedures

Preferred Qualifications

  • Experience with rule-driven and analysis-driven network platforms like Bro and Suricata

  • Experience hunting, i.e. using threat intel to proactively and iteratively investigates these potential risks and finding suspicious behavior in the network

  • Experience in host and memory forensics (including live response) for Windows, OSX, and/or Linux

  • Background in malware analysis, intrusion detection, and/or threat intelligence


About the Facebook company

Facebook's mission is to give people the power to build community and bring the world closer together. Through our family of apps and services, we're building a different kind of company that connects billions of people around the world, gives them ways to share what matters most to them, and helps bring people closer together. Whether we're creating new products or helping a small business expand its reach, people at Facebook are builders at heart. Our global teams are constantly iterating, solving problems, and working together to empower people around the world to build community and connect in meaningful ways. Together, we can help people build stronger communities - we're just getting started.

Facebook is committed to providing reasonable support (called accommodations) in our recruiting processes for candidates with disabilities, long term conditions, mental health conditions or who are neurodivergent, and to candidates with sincerely held religious beliefs or requiring pregnancy related support. If you need support, please reach out to
If you would like help and advice about applying for this role please visit the Career Hive

Share Job

If you would like help and advice about applying for this role please visit the Career Hive