Incident Response Engineer
Facebook's mission is to give people the power to build community and bring the world closer together. Through our family of apps and services, we're building a different kind of company that connects billions of people around the world, gives them ways to share what matters most to them, and helps bring people closer together. Whether we're creating new products or helping a small business expand its reach, people at Facebook are builders at heart. Our global teams are constantly iterating, solving problems, and working together to empower people around the world to build community and connect in meaningful ways. Together, we can help people build stronger communities - we're just getting started.
Facebook's Security team is looking for an Incident Response Engineer with extensive experience in identifying, scoping, containing and eradicating real-world threats. We advance Facebook's mission of making the world more open and connected by identifying and neutralizing threats that aim to collect sensitive information or disrupt our infrastructure. Candidates are expected to translate their skills into goal oriented projects that improve identification and response time and reduce functional or informational impact when an incident occurs. Those with a desire to just wait for an incident to occur or to 'shoot from the hip' need not apply.
- Further develop our incident response program
- Respond to compromised assets (phones, laptops, servers) in our Corporate and Production environments around the world
- Identify and execute on projects that improve our intrusion detection and incident response capabilities
- Perform research to identify new ways of achieving our mission, with an emphasis on open-sourcing tools or process wherever possible.
- Experience in identifying, analyzing, scoping, containing and eradicating real-world threats
- Knowledge of incident response phases and concepts
- 3+ years experience in developing, responding and analyzing technical security incident response for infrastructure
- 2+ years Experience in developing intrusion detection techniques with products like Bro, Suricata and SNORT Tools
- 3+ years experience with networking and Linux.
- Experience with scripting and coding. Open source projects or commits.
Back to top