Job description

**Summary:** Meta's Offensive Security Group is seeking an experienced Offensive Security Engineer to join our team. As a key member of the team, you will be responsible for executing tactical, offensive assessments across various environments, emulating internal and external threats, and driving remediations to improve the organization's security posture. • *Required Skills:** Offensive Security Engineer Responsibilities: 1. Conduct offensive security engagements, including Red Team operations, threat-based evaluations, and vulnerability research and exploitation against both internal and external facing systems 2. Design, scope, and lead complex technical assessments, Purple Team Engagements, and other security initiatives to test attack detection and prevention effectiveness 3. Automate portions of assessments, scoping, or other offensive security work to inform and drive our engagements 4. Incorporate Threat Intelligence research to track APT trends and help partners test their environments against new and emerging threats 5. Collaborate with cross-functional teams, including Incident Response, Product Security, and other security partners, to align remediation efforts and drive fixes after testing cycles 6. Develop and maintain relationships with internal customers to identify and facilitate solutions to increase the impact of the team's work 7. Influence and align the team’s strategy, and collaboratively prioritize and deliver specific multi-year roadmaps and projects 8. Coach, mentor, support and care for the team in a way that enables long-term career development, happiness and success at scale • *Minimum Qualifications:** Minimum Qualifications: 9. Bachelor's degree (or foreign degree equivalent) in Information Systems Engineering, Computer Science, Engineering, Information Security, Cyber Security, Information Assurance, or equivalent experience 10. 5+ years of experience in Red Team Security Testing, Penetration Testing, and/or Cyber Threat Hunting 11. Demonstrated coding/scripting skills in one or more general purpose languages • *Preferred Qualifications:** Preferred Qualifications: 12. Knowledge of cloud computing platforms (e.g., AWS, Google Cloud Platform, Azure) and operating systems (Linux, Windows, macOS) 13. Experience working closely with defenders to identify and fix problems 14. Contributions to the security community (public research, blogging, presentations, bug bounty, tooling, etc) 15. Understanding of attack surfaces for enterprise systems and services 16. Offensive Security Certified Professional(OSCP) certification, or equivalent 17. Track record of participation in Capture The Flag competitions • *Public Compensation:** $147,000/year to $208,000/year + bonus + equity + benefits • *Industry:** Internet • *Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com. • *Summary:** Meta's Offensive Security Group is seeking an experienced Offensive Security Engineer to join our team. As a key member of the team, you will be responsible for executing tactical, offensive assessments across various environments, emulating internal and external threats, and driving remediations to improve the organization's security posture. • *Required Skills:** Offensive Security Engineer Responsibilities: 1. Conduct offensive security engagements, including Red Team operations, threat-based evaluations, and vulnerability research and exploitation against both internal and external facing systems 2. Design, scope, and lead complex technical assessments, Purple Team Engagements, and other security initiatives to test attack detection and prevention effectiveness 3. Automate portions of assessments, scoping, or other offensive security work to inform and drive our engagements 4. Incorporate Threat Intelligence research to track APT trends and help partners test their environments against new and emerging threats 5. Collaborate with cross-functional teams, including Incident Response, Product Security, and other security partners, to align remediation efforts and drive fixes after testing cycles 6. Develop and maintain relationships with internal customers to identify and facilitate solutions to increase the impact of the team's work 7. Influence and align the team’s strategy, and collaboratively prioritize and deliver specific multi-year roadmaps and projects 8. Coach, mentor, support and care for the team in a way that enables long-term career development, happiness and success at scale • *Minimum Qualifications:** Minimum Qualifications: 9. Bachelor's degree (or foreign degree equivalent) in Information Systems Engineering, Computer Science, Engineering, Information Security, Cyber Security, Information Assurance, or equivalent experience 10. 5+ years of experience in Red Team Security Testing, Penetration Testing, and/or Cyber Threat Hunting 11. Demonstrated coding/scripting skills in one or more general purpose languages • *Preferred Qualifications:** Preferred Qualifications: 12. Knowledge of cloud computing platforms (e.g., AWS, Google Cloud Platform, Azure) and operating systems (Linux, Windows, macOS) 13. Experience working closely with defenders to identify and fix problems 14. Contributions to the security community (public research, blogging, presentations, bug bounty, tooling, etc) 15. Understanding of attack surfaces for enterprise systems and services 16. Offensive Security Certified Professional(OSCP) certification, or equivalent 17. Track record of participation in Capture The Flag competitions • *Public Compensation:** $147,000/year to $208,000/year + bonus + equity + benefits • *Industry:** Internet • *Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

Requirements