Security Engineer, Malware Hunting
- Flexible / Remote
Facebook's mission is to give people the power to build community and bring the world closer together. Through our family of apps and services, we're building a different kind of company that connects billions of people around the world, gives them ways to share what matters most to them, and helps bring people closer together. Whether we're creating new products or helping a small business expand its reach, people at Facebook are builders at heart. Our global teams are constantly iterating, solving problems, and working together to empower people around the world to build community and connect in meaningful ways. Together, we can help people build stronger communities - we're just getting started.
Facebook's Malware Discovery team is looking for a Security Engineer with experience in investigating cyber threats, analyzing data to detect malware patterns and applying an adversarial mindset. The team investigates and measures the prevalence of abuse attributable to malicious software and its impact to Facebook or its community of users. They provide actionable insights and collaborate with other teams to implement scalable and durable solutions. The ideal candidate will have a background in hunting cyber threats, red/purple teaming and large scale data analysis. We are looking for someone who is a self-starter, result-driven, excellent at collaboration and passionate about finding threats or abuse.
- Actively engage with cross-functional partners across Facebook to understand their domains and determine how they are affected by malware.
- Proactively uncover, investigate and track new malware related threat vectors across Facebook.
- Effectively communicate findings on the severity, prevalence, or absence of malware in a space.
- Create and collaborate on tools and detections to discover or classify unknown malware.
- Determine if malware is the source of abusive or anomalous activity detected by other teams.
- Triage large volumes of files to extract signals for further investigation/discovery.
- Basic malware triage skills, such as using static and dynamic analysis tool
- Experience creating host or network based signatures (Yara, ClamAV, Suricata)
- Interest in exploring both traditional and nontraditional domains typically affected by malware
- Experience handling large amounts of data including scripting, data analysis, and presenting data in digest-able ways
- Experience with cross functional collaboration and experience communicating malware jargon in laymen terms, and engage in technical security discussions
- BA/BS in Computer Science, Data Science, or 2+ years similar work experience
- Experience in at least one scripting language such as PHP, Python, C++, or Java
- Experience with at least one SQL-like language
- Basic understanding of analysis on documents (DOC, PDF) and executables (APK, iOS, PE, ELF, MACHO)
- Knowledge in system internals for one or more of: Windows, macOS, Android, Linux, or iOS
- Knowledge with machine code in one or more architectures (x86, x64, ARM, MIPS, other)
- Knowledge with analyzing and decoding network traffic
- Experience with campaign tracking
- Experience with red team or purple team
Back to top