Security Engineering Manager, Threat Detection and Incident Response

Facebook's mission is to give people the power to build community and bring the world closer together. Through our family of apps and services, we're building a different kind of company that connects billions of people around the world, gives them ways to share what matters most to them, and helps bring people closer together. Whether we're creating new products or helping a small business expand its reach, people at Facebook are builders at heart. Our global teams are constantly iterating, solving problems, and working together to empower people around the world to build community and connect in meaningful ways. Together, we can help people build stronger communities â€" we're just getting started.

Facebook is in search of the world’s most creative and driven engineering leaders. We embrace entrepreneurs as well as those who come from more established organizations. Facebook’s Threat Detection and Incident Response team is seeking an experienced Security Engineering Manager to help keep our two billion users safe from real world threats. You will build large, distributed solutions to allow us to hunt for bad actors, triage high quality detections and respond with informed skill and insight. We are looking for someone like you with a real passion for security and the knowledge that it begins with people.


  • Lead a team of high-performing security engineers developing solutions to hunt aggressively, implement high quality detection and response.
  • Develop a roadmap for future work, track progress against it, and evaluate the team's performance.
  • Hold your own in technical discussion, be a subject matter authority, and have strategic influence.
  • Identify new techniques and solutions which increase the team's ability to better protect company and user data.
  • Provide mentorship, support, and career development opportunities for team members and enable the team to scale.
  • Work with other Infrastructure teams to divide and conquer challenges related to a broad spectrum of threat actors.
  • Solutions will be required for everything from low-level but persistent actors to nation state actors.
  • Build positive relationships with internal partners to identify and facilitate solutions to increase the impact of the team's work.
  • Contribute to the growth and development of the Infrastructure organization.
  • Experience in at least one of PHP, Python, C, C++, or Java.
  • Experience in threat detection, forensics, incident response or a related field. This may include software development, threat intelligence, or other related endeavors.
  • Experience recruiting and leading technical teams, including performance management.
  • Experience translating technical concepts into language that is relevant to many audiences, including software engineers, business and technical leaders and external security community members and press.
  • BA/BS in Computer Science or 4+ years work experience.

Back to top