Security Engineering Manager, Malware Discovery

    • Washington, DC

Facebook's mission is to give people the power to build community and bring the world closer together. Through our family of apps and services, we're building a different kind of company that connects billions of people around the world, gives them ways to share what matters most to them, and helps bring people closer together. Whether we're creating new products or helping a small business expand its reach, people at Facebook are builders at heart. Our global teams are constantly iterating, solving problems, and working together to empower people around the world to build community and connect in meaningful ways. Together, we can help people build stronger communities - we're just getting started.

Facebook's Malware Discovery team is looking for a Security Engineering Manager with skills and passion in investigating cyber threats, analyzing data to detect malware patterns and applying an adversarial mindset. This person will be responsible for leading, developing and scaling a team that investigates and measures the prevalence of abuse attributable to malicious software and its impact to Facebook or its community of users. The team provides actionable insights and collaborates with partners to implement scalable and durable solutions.

The ideal candidate will have a background in leading teams, driving strategy, hunting cyber threats, red/purple teaming and large scale data analysis. We are looking for someone who is a self-starter, result-driven, excellent at collaboration and passionate about building a team to hunt and mitigate abuse at scale.

  • Build and manage a high-performance team in the infrastructure organization.
  • Coach, mentor, and ensure high performance in a fast-paced environment.
  • Develop and hone strategy to build, scale and expand services focused on software analysis.
  • Build a program to maximize the team's impact, including creating team policies, making process improvements, and working with partner engineering and problem teams.
  • Actively engage with cross-functional partners across Facebook to understand their domains and determine how they are affected by malware.
  • Proactively uncover, investigate and track new malware related threat vectors across Facebook
  • triage large volumes of files to extract signals for further investigation/discovery.
  • Determine if malware is the source of abusive or anomalous activity detected by other teams.
  • Effectively communicate findings on the severity, prevalence, or absence of malware in a space.
  • Create and collaborate on tools and detections to discover or classify unknown malware.
  • 2+ years of leadership/management experience.
  • Experience supporting a security engineering team.
  • Basic malware triage skills, such as using static and dynamic analysis tool.
  • Experience creating host or network based signatures (Yara, ClamAV, Suricata).
  • Interest in exploring both traditional and nontraditional domains typically affected by malware.
  • Experience handling large amounts of data (e.g. scripting, data analysis, and presenting data in digestible ways).
  • Cross functional collaboration (e.g. experience communicating malware jargon in layman terms, and engaging in technical security discussions).
  • BA/BS in Computer Science, Data Science, or 2+ years similar work experience.
  • Experience in at least one of PHP, Python, C++, or Java.
  • Experience with SQL or similar language.
  • Basic understanding of analysis on documents (DOC, PDF) and executables (APK, iOS, PE, ELF, MACHO).
  • Knowledge in system internals for one or more of the following: Windows, macOS, Android, Linux, or iOS.
  • Knowledge with machine code in one or more architectures (x86, x64, ARM, MIPS, other).
  • Knowledge with analyzing and decoding network traffic.
  • Experience with campaign tracking.
  • Experience with red team or purple team.
Facebook is proud to be an Equal Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law.Facebook is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at

Back to top