Security Engineer, Incident Response

Meta Security is looking for an Incident Response Engineer with experience coordinating, investigating and responding to internal and external threats. You will help the team establish, lead and execute multi-year roadmaps to mature investigative and response services, drawing upon automation and cross functional partnerships to create scalable and resilient operational capabilities.

Security Engineer, Incident Response Responsibilities

1. Conduct security investigations and lead security incident response in a cross-functional environment and drive incident resolution.
2. Develop Incident Response initiatives that improve our capabilities to effectively respond and remediate security incidents.
3. Refine operational metrics, key performance indicators, and service level objectives to measure Security Operations and Incident Response services.
4. Influence and align the team’s vision and strategy. Collaboratively prioritize and deliver specific multi-year roadmaps and projects.
5. Build, cultivate, and maintain positive relationships with internal customers to identify and facilitate solutions to increase the impact of the team's work.
6. Partner with cross-functional teams to solve challenges related to a broad spectrum of detection and response initiatives.
7. Collaborate with software and production engineering teams to develop scalable and flexible Incident Response and Investigative solutions.
8. Focus on ruthlessly prioritizing, automating and scaling every aspect of our detection and response capabilities.
9. Coach, mentor, support and care for the team in a way that enables long-term career development, happiness and success at scale.

Minimum Qualifications

1. 10+ years of work experience in Security Incident Response and Detection & Response Engineering in a large, regulated organization.
2. Be a technical and process subject matter expert regarding Security Operations and Incident Response services.
3. Experience developing and delivering information on incident and program status for senior leadership.
4. Experience leading and managing complex cross-functional programs.
5. Experience responding to both external and insider threats.
6. Experience analyzing network and host-based security events.
7. Knowledge of networking technologies, specifically TCP/IP and the related protocols.
8. Knowledge of operating systems, file systems, and memory structures on Windows, MacOS and Linux.
9. Coding/scripting experience in one or more general purpose languages.
10. Experience with attacker tactics, techniques, and procedures.

Preferred Qualifications

1. Background in malware analysis, digital forensics, intrusion detection, and/or threat intelligence.
2. Experience in threat hunting including leveraging intelligence data to proactively identify and iteratively investigate suspicious behavior across networks and systems.
3. Broad knowledge across the Security domain, as well as deep focus in one (or more) areas such as Logs and events processing, Incident Management, Digital Forensics, Detection and/or response tool development.
4. Experience recruiting, building, and leading technical teams, including performance management.

#J-18808-Ljbffr