Security Engineer, Identity and Access Management (IAM)

Meta
London
1 month ago
Create job alert

Security Engineer, Identity and Access Management (IAM)

Facebook's security team is the central engine driving data and systems security at the company, supporting Facebook and all of its family of apps. The org is responsible for inhibiting malicious actors from compromising our environment, detecting and responding to them before they do damage if they do, ensuring we are maintaining the protections we say we will, and engaging with the community to help those outside the company learn from the work we do. We work across all parts of the company, from the corporate infrastructure to production to external services, interfacing with nearly every team in the company. The Security Engineer should have prior experience with security policy, risk, and access management disciplines and be comfortable collaborating with cross-functional teams. This position will be responsible for identifying and enforcing solutions to control access to internal systems. An ideal candidate is someone that has technical knowledge of the broad aspects of information security, and is able to identify deficiencies in the access management space. This role specifically needs deep conceptual understanding of the IAM concepts that can be applied to our internal IAM solutions. This role requires a broad mix of security, technical, coding and communication skills coupled with a strong desire to learn. Some travel may be required.

Responsibilities

  1. Design and implement systems that enhance the security of Facebook’s Identity & Access Management Systems.
  2. Build and maintain tools that improve the Identity and Access Management posture at Meta.
  3. Conduct design and code reviews.
  4. Analyze and improve efficiency, scalability, and stability for assigned product area and/or systems.
  5. Identify and drive changes as needed for assigned codebase, product area and/or systems.
  6. Interface with other teams to incorporate their innovations and vice versa.
  7. Articulate security findings to a variety of stakeholders, including both technical and non-technical stakeholders.
  8. Provide defensible recommendations on technical, physical and administrative control implementations based on findings while balancing the cost versus benefits.
  9. Participate in the development and oversight of corrective actions relating to security issues.
  10. Participate in cross-functional, team, and status review meetings.
  11. Recommend process improvement and strategic initiatives as related to security.

Minimum Qualifications

  1. Experience in writing custom scripts in Python/C++ and PHP/Hack.
  2. BSc in Computer Science related field, or equivalent experience.
  3. Experience building large-scale distributed systems or similar experience.
  4. 5+ years of software development experience.
  5. Experience in assessing security deficiencies in first-party/internal information systems and recommending mitigating controls.
  6. 5+ years of proven experience working on Information Security teams or conducting Information Security consulting engagements.
  7. Knowledge of evaluating systems architectural designs, data-flow diagrams and technical security implementations, particularly in context of access management in different geographical locations.
  8. Experience with developing security reporting and recommendations that are meaningful, defensible and actionable for a variety of audiences.
  9. Ability to manage competing priorities and simultaneous projects in a fast-paced environment with little supervision.
  10. Strong communication skills - both written and verbal, interpersonal skills, and ability to work cross-functionally with various teams.

Preferred Qualifications

  1. Program and project management skills.
  2. Experience in the IAM domain in a cloud-based infrastructure environment.
  3. Good grasp of SOX, SOC2, NIST, PCI, ISO, and other security regulations.
  4. Strong analytical and problem-solving skills, including a basic understanding of data analysis techniques.

Locations

Data Center

About Meta

Meta builds technologies that help people connect, find communities, and grow businesses. When Facebook launched in 2004, it changed the way people connect. Apps like Messenger, Instagram and WhatsApp further empowered billions around the world. Now, Meta is moving beyond 2D screens toward immersive experiences like augmented and virtual reality to help build the next evolution in social technology. People who choose to build their careers by building with us at Meta help shape a future that will take us beyond what digital connection makes possible today—beyond the constraints of screens, the limits of distance, and even the rules of physics.

Equal Employment Opportunity and Affirmative Action

Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, genetic information, political views or activity, or other applicable legally protected characteristics. You may view our Equal Employment Opportunity notice here.

Meta is committed to providing reasonable support (called accommodations) in our recruiting processes for candidates with disabilities, long term conditions, mental health conditions or sincerely held religious beliefs, or who are neurodivergent or require pregnancy-related support. If you need support, please reach out to .

#J-18808-Ljbffr

Related Jobs

View all jobs

Cyber Security Engineer - Acron EAM/PAM

Cloud security engineer

SAP Security Engineer

Principal Security Engineer

Cloud Security Engineer

Security Engineer II, Industry Products - Fixed

Get the latest insights and jobs direct. Sign up for our newsletter.

By subscribing you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Jobs

Job-Hunting During Economic Uncertainty: Cyber Security Edition

The cybe rsecurity sector sits at the forefront of today’s digital landscape, defending businesses and governments alike from increasingly sophisticated threats. From incident response and network security to cloud protections and zero-trust architectures, cyber security professionals tackle an ever-evolving array of challenges. Yet, even this mission-critical field is not immune to economic turbulence. When broader financial markets experience uncertainty—whether through global recessions, regional downturns, or unexpected macro events—the hiring climate can shift, making roles more selective and budgets tighter. For job seekers in cyber security, this can be disconcerting. You might discover that once-abundant vacancies have become scarce, competition for the remaining positions is fiercer, or company priorities pivot away from large-scale expansions toward essential, cost-justified security projects. At the same time, data breaches and cyberattacks don’t pause during economic slowdowns—if anything, they may escalate as bad actors exploit organizational vulnerabilities. This paradox means that while the market feels tough, demand for cyber security expertise remains robust. In this article, we’ll look at: Why economic uncertainty affects cyber security hiring trends. Strategies for staying competitive, even if the number of open roles shrinks. Methods to highlight your skills, adapt to shifting priorities, and network effectively. Approaches for preserving mental well-being during prolonged searches or uncertain feedback loops. How www.cybersecurityjobs.tech can help you find the ideal security-focused role. By proactively sharpening your skill set, tailoring your professional profile, and engaging with a focused community, you can secure a rewarding cyber security job—even when the broader market feels volatile.

Careers

How to Achieve Work-Life Balance in Cyber Security Jobs: Realistic Strategies and Mental Health Tips

Cyber security is one of today’s most vital and rapidly expanding sectors. As data breaches, ransomware, and other cyber threats continue to evolve, the demand for skilled professionals is surging across industries—from finance and healthcare to government and e-commerce. Whether you’re a penetration tester, security analyst, or threat intelligence expert, you play a key role in safeguarding digital infrastructure and sensitive information. This high-stakes environment, however, often comes with intense pressure. Long hours, constant vigilance, and an ever-changing threat landscape can make it challenging to find time for personal well-being. Many cyber security specialists report difficulty striking a sustainable work-life balance, unsure if it’s even possible in a field that never truly sleeps. Yet, as concerns about mental health and burnout become more pressing, professionals and employers alike are seeking better ways to combine career advancement with a fulfilling personal life. In this comprehensive article, we’ll explore how to achieve a work-life balance in cyber security. You’ll discover strategies for managing 24/7 threat alerts, the importance of realistic expectations, ways to maintain mental health in high-intensity roles, and tips for setting boundaries without compromising your professional growth. Whether you’re new to this dynamic arena or already an established specialist, these insights can help you thrive personally and professionally in the fast-paced world of cyber security.

Careers

Transitioning from Academia to the Cyber Security Industry: How Researchers Can Harness Their Skills to Protect Commercial Environments

Cyber security has become a mission-critical field in an era where data breaches, ransomware attacks, and sophisticated hacking techniques threaten businesses and public institutions alike. As digital transformation touches nearly every facet of modern life, the need for highly skilled individuals capable of defending systems and networks continues to grow. For PhDs and academic researchers with expertise in areas like cryptography, network security, or threat intelligence, this presents an exciting opportunity to deploy your analytical prowess in a high-impact, fast-paced commercial setting. In this guide we’ll explore how academics can successfully pivot from the research lab to the cyber security industry. Learn how to apply rigorous, theory-driven approaches to real-world challenges, from designing secure software architectures to neutralising advanced persistent threats. By embracing the industry’s urgency and end-to-end mindset, you can transform your scholarly insights into robust, market-facing security solutions that protect companies and users on a global scale.

🍪 We use cookies to enhance your browsing experience on our website. By continuing to use this site, you consent to the use of cookies as described in our Cookie Policy. You can review our Cookie Policy for more information.