Security Engineer, Investigations & Response
- Meta
- Full Time
- Cyber Security
- Remote-UK
- Other
Remote Job Description
Meta Security is looking for an Incident Response Engineer with experience in the identification, containment and mitigation of security incidents. You will be analyzing different data sources to detect, investigate and respond to internal and external threats. You will also be working with our software and production engineering teams to develop scalable systems to automate detection and remediation and help us build the next generation of security operations and response platforms.
Security Engineer, Investigations & Response Responsibilities
- Lead security incident response in a cross-functional environment and drive incident resolution.
- Lead and develop Incident Response initiatives that improve Meta’s capabilities to effectively respond and remediate security incidents.
- Perform digital forensic acquisition and analysis of a wide variety of assets including endpoints, mobile, servers and networking equipment.
- Perform log analysis from a variety of sources (e.g., individual host logs, network traffic logs) to identify potential threats.
- Perform security incident root cause analysis and drive implementation of containment and mitigation strategies.
- Build automation for response and remediation of malicious activity.
Minimum Qualifications
- Extensive experience in Security Incident Response and Detection & Response Engineering.
- Knowledge of networking technologies and experience analyzing network-based security events.
- Knowledge of operating systems, file systems, and memory structures and experience in host and memory forensics (including live response) on Windows, macOS and Linux.
- Experience investigating and responding to both external and insider threats.
- Coding/scripting experience in one or more general purpose languages.
- Experience with attacker tactics, techniques, and procedures.
- Bachelor's degree or equivalent experience in Security.
Preferred Qualifications
- Experience as a Lead Security Incident Responder and Investigator in a large and regulated organization.
- Background in malware analysis, digital forensics, intrusion detection, and/or threat intelligence.
- Experience in threat hunting including the ability to leverage intelligence data to proactively identify and iteratively investigates suspicious behavior across networks and systems.
- Broad knowledge across the Security domain, as well as deep focus in one (or more) areas such as Logs and events processing, Incident Management, Digital Forensics, Detection and/or response tool development.