Incident Response Engineer

(London, United Kingdom)

Facebook's mission is to give people the power to build community and bring the world closer together. Through our family of apps and services, we're building a different kind of company that connects billions of people around the world, gives them ways to share what matters most to them, and helps bring people closer together. Whether we're creating new products or helping a small business expand its reach, people at Facebook are builders at heart. Our global teams are constantly iterating, solving problems, and working together to empower people around the world to build community and connect in meaningful ways. Together, we can help people build stronger communities - we're just getting started.

Facebook's Security team is looking for an Incident Response Engineer with extensive experience in identifying, scoping, containing and eradicating real-world threats. We advance Facebook's mission of making the world more open and connected by identifying and neutralizing threats that aim to collect sensitive information or disrupt our infrastructure. Candidates are expected to translate their skills into goal oriented projects that improve identification and response time and reduce functional or informational impact when an incident occurs. Those with a desire to just wait for an incident to occur or to 'shoot from the hip' need not apply. Competitive Salary including the following benefits apply: ;Medical Benefits ;Dental Benefits ;Vision Benefits ;Pension Benefits ;Life Assurance ;Ride2Work ;Childcare Benefits ;Gym Benefits ;Transport benefits ;Laundry Benefit Posted: 21/12/2017 Closing date: 21/1/2018


  • Further develop our incident response program
  • Respond to compromised assets (phones, laptops, servers) in our Corporate and Production environments around the world
  • Identify and execute on projects that improve our intrusion detection and incident response capabilities
  • Perform research to identify new ways of achieving our mission, with an emphasis on open-sourcing tools or process wherever possible.
Minimum Qualifications
  • Experience in identifying, analyzing, scoping, containing and eradicating real-world threats
  • Knowledge of incident response phases and concepts
  • 3+ years experience in developing, responding and analyzing technical security incident response for infrastructure
  • 2+ years Experience in developing intrusion detection techniques with products like Bro, Suricata and SNORT Tools
  • 3+ years experience with networking and Linux.
  • Experience with scripting and coding. Open source projects or commits.
We're proud to be the #1 Most Recommended Tech Company according to Glassdoor. Learn more:

Meet Some of Facebook's Employees

Lauren W.

Global Marketing Lead, Facebook Blueprint

As the marketing lead for Facebook’s Blueprint program, Lauren focuses on building awareness around the program and the adoption of education and training by businesses and advertisers.

Kahina V.

Director of Global Financial Services Partnerships

Kahina and her team help launch new financial products and services on the Facebook platform by acting as the company’s voice into the global finance industry.

Back to top