Facebook's mission is to give people the power to build community and bring the world closer together. Through our family of apps and services, we're building a different kind of company that connects billions of people around the world, gives them ways to share what matters most to them, and helps bring people closer together. Whether we're creating new products or helping a small business expand its reach, people at Facebook are builders at heart. Our global teams are constantly iterating, solving problems, and working together to empower people around the world to build community and connect in meaningful ways. Together, we can help people build stronger communities - we're just getting started.
Facebook's security team is the central engine driving data and systems security at the company, supporting Facebook and all of its family of apps. The organization is responsible for inhibiting malicious actors from compromising our environment, detecting and responding to them before they do damage if they do, ensuring we are maintaining the protections we say we will, and engaging with the community to help those outside the company learn from the work we do. We work across all parts of the company, from the corporate infrastructure to production to external services, interfacing with nearly every team in the company.The team is looking for a Security Engineering Manager with experience supporting teams of engineers who focus on the discovery, containment, and mitigation of threat actors. The work includes protecting the company from internal and external threat actors across our entire infrastructure. We are building security operations and response platforms to support the scale and security of Facebook. You will be analyzing different sources of information leveraged for detection, responding to and investigating incidents and working with our software and production engineering teams to develop scalable systems to automate detection and remediation.
1. Support a team of security engineers who hunt, detect, and respond to internal and external threats.
2. Influence and align the organization’s vision and strategy, while engaging your team to develop and deliver specific, multi-year roadmaps, programs, and projects. Ensure prioritization, resourcing, and timely delivery of this work within a changing business environment.
3. Define operational metrics, key performance indicators, and service level objectives to assure the team achieves operational excellence.
4. Hire, grow, and build a high performing team capable of achieving the team’s mission.
5. Coach, mentor, support, and care for the team in a way that enables long-term career development, happiness, and success at scale.
6. Work with, partner, and influence other teams to solve challenges related to a broad spectrum of threat actors.
7. Build, cultivate, and maintain positive relationships with internal customers to identify and facilitate solutions to increase the impact of the team's work.
8. Be a broad technical and process subject matter expert regarding the services your team provides.
9. Collaborate with software and production engineering teams to develop scalable and flexible solutions for everything from low-level actors to nation state actors.
10. Focus on ruthlessly prioritizing, automating, and scaling every aspect of our detection and response capabilities.
11. 5+ years of work experience in software or security engineering, including 2+ years of proven hands-on technical management experience of security engineers.
12. Experience recruiting, building, and leading technical teams, including performance management.
13. Experience developing and delivering information on program status for senior leadership.
14. Experience leading and managing complex cross-functional programs.
15. Knowledge of operating systems, file systems, and memory on Windows, MacOS, or Linux.
16. Experience with an interpreted programming language (PHP, Python, Perl, Ruby, etc.).
17. Experience with attacker tactics, techniques and procedures.
18. BA/BS in Computer Science or 8+ years work experience in a leadership and management capacity.
19. Background in intrusion detection, security investigations, and incident response.
20. Experience “threat hunting”, i.e. using threat intel to proactively and iteratively investigate these potential risks and finding suspicious behavior in the network.
21. Broad knowledge across the Security domain, as well as deep focus in one (or more) areas such as: Logs and events processing, Incident Management, and Detection and/or Response tool development.
**Equal Opportunity:** Facebook is proud to be an Equal Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Facebook is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at firstname.lastname@example.org.