Product Security Incident Response Engineer

    • London, United Kingdom

Facebook's mission is to give people the power to build community and bring the world closer together. Through our family of apps and services, we're building a different kind of company that connects billions of people around the world, gives them ways to share what matters most to them, and helps bring people closer together. Whether we're creating new products or helping a small business expand its reach, people at Facebook are builders at heart. Our global teams are constantly iterating, solving problems, and working together to empower people around the world to build community and connect in meaningful ways. Together, we can help people build stronger communities - we're just getting started.

Facebook's Product Security team is seeking an Incident Response Engineer with extensive experience in identifying, scoping, containing and eradicating real-world privacy threats to applications. We are looking for Engineers with a passion for protecting security and privacy through triaging, mitigating, remediating and learning from security privacy incidents and application-level weaknesses potentially found in our systems. Your skills will be the foundation of security initiatives that protect the security and privacy of over two billion people and you will advance Facebook's mission of making the world more open and connected by identifying and neutralizing threats that aim to collect sensitive information or disrupt our applications. Come help us make life hard for the bad guys!
At Facebook, supporting our employees is a core part of how we do business. From our generous benefits to our robust diversity programs, we're focused on empowering all our employees to live life to the fullest and bring their best selves to work, each and every day. We're proud of our supportive and inclusive culture and our International Headquarter benefits from over 100 different nationalities. We are dedicated to making Facebook welcoming to everyone who comes to work with us and we actively seek to recruit people with different backgrounds and experiences to help us build better products, make better decisions and better serve our clients.

  • Initial triage & fact identification: for every incident initial triage occurs to understand what has happened in order to assess the scope of impact. As part of triage, facts / evidence about the incident are uncovered.
  • Mitigation, Remediation & clean up to addressing each incident.
  • Review/understand what happened: all incidents will be reviewed to understand what happened and ensure that the root cause and contributing factors are identified and documented.
  • Learn from each incident to ensure it doesn't resurface.
  • Enthusiasm for the constant fight to ensure security and privacy on the internet
  • Experience in identifying, analyzing, scoping, containing and eradicating real-world threats
  • Knowledge of incident response phases and concepts
  • 3+ years experience in developing, responding and analyzing technical security incident response for application and/or infrastructure breaches
  • Expertise with an interpreted programming language (PHP, Python, Perl, Ruby, etc)
  • Knowledge of internet privacy and application security issues
  • Experience managing large incidents
  • Contributions to the security community (public research, blogging, presentations, etc)


Back to top