Threat Investigator

Facebook's mission is to give people the power to build community and bring the world closer together. Through our family of apps and services, we're building a different kind of company that connects billions of people around the world, gives them ways to share what matters most to them, and helps bring people closer together. Whether we're creating new products or helping a small business expand its reach, people at Facebook are builders at heart. Our global teams are constantly iterating, solving problems, and working together to empower people around the world to build community and connect in meaningful ways. Together, we can help people build stronger communities - we're just getting started.

Facebook's Threat Intelligence teams are looking for investigators with extensive experience in investigating and analyzing online threat actors and their activity, and actively implementing countermeasures. The teams work on proactively understanding the global threat landscape as it manifests on our products or against our own corporate assets, and helps guide the company in its responses to these threats. Investigators will have the opportunity to work on some of the most challenging, complicated, and high-visibility security risks the company is facing. The potential for impact with this work is substantial, as outcomes could affect the billions of people who use our products.
The perfect candidate will have an investigative background, with experience in quantitative and technical fields and data-driven decision making. Highly qualified candidates will possess a professional understanding of security risk and geopolitical issues, and will have worked at a multinational company. It is highly important candidates are focused on results, and are self-starters.


  • Identify and investigate online bad actors with the interest and capability to target Facebook and its users
  • Track high priority threat campaigns and identify, develop and implement countermeasures
  • Lead technical investigations from start-to-finish, to include effectively communicating actionable results to different audience types
  • Investigate, mitigate, and forecast emerging technical trends
  • Engage constructively in cross-functional projects
  • Knowledge in Python, PHP, Perl, or similar scripting languages
  • Experience investigating and acting on high-impact threats and online threat actors
  • Experience conducting data analysis
  • Experience in thinking critically and qualifying assessments with communications experience
  • Proven track record of managing and executing on short-term and long-term projects
  • Experience prioritizing and executing with minimal direction or oversight
  • Experience working across the security community
  • Experience working with large-scale data analytics (e.g. Hadoop)
  • Ability to work with a team spanning multiple locations/time zones
  • Writing signatures as countermeasures
  • Familiarity with cross-platform threats
  • Regional knowledge and/or language skills
  • Understanding the intersection of global security risks, and how they apply to Facebook and its users

Back to top