Offensive Security Engineer

(Menlo Park, CA)

Facebook's mission is to give people the power to share, and make the world more open and connected. Through our growing family of apps and services, we're building a different kind of company that helps billions of people around the world connect and share what matters most to them. Whether we're creating new products or helping a small business expand its reach, people at Facebook are builders at heart. Our global teams are constantly iterating, solving problems, and working together to make the world more open and accessible. Connecting the world takes every one of us—and we're just getting started.

Facebook's Security team is looking for an offensive security engineer that can deliver technical leadership for our offensive security team and execute tactical, offensive assessments across our environments. This individual should have extensive experience across the attack lifecycle and a demonstrated capacity to lead an offensive security team. Candidates are expected to scope, prep and deliver goal-oriented assessments that positively benefit our prevention, detection and response capabilities. This role requires a desire to help drive fixes after testing cycles.

Responsibilities

  • Lead offensive capabilities for Facebook, including building out a long term strategy and approach
  • Develop the program and methodology that shapes how we approach this space
  • Document and model our infrastructure from an attacker's perspective
  • Build tooling to automate this and use this model to inform and drive our assessments
  • Perform scoped and open-ended assessments on internal and external facing systems
  • Perform research to identify new ways of achieving your mission, with an emphasis of open-sourcing wherever possible

Minimum Qualifications

  • Extensive experience performing internal and external assessments
  • Extensive experience in tailored reconnaissance, weaponization, exploitation and lateral movement
  • Experience in scripting and coding. Publicly released tools or modules are a plus
  • Strong networking knowledge, including network virtualization technologies
  • Strong knowledge of server (Linux, Windows) and client (Windows, OS X, Linux) operating systems
  • Strong knowledge of attack surfaces for common enterprise systems and services
  • A desire to shape our industry by open-sourcing and discussing tools, techniques, procedures and advancements we have made

Meet Some of Facebook's Employees

Peipei Z.

Manager, Global Client Solutions

Peipei helps Facebook’s top clients devise solution-based and results-driven social media strategies. She creates strategic partnerships to help people and brands connect in a more meaningful way.

Cristina T.

Sr. Manager, WhatsApp Customer Support & Localization

Cristina manages the WhatsApp customer experience, translating the application into multiple languages and troubleshooting communication services worldwide.


Back to top