Security Engineer Intern, IR Threat Intelligence
London, UK
Meta
Giving people the power to build community and bring the world closer together
Meta Security is looking for a Security Engineer with experience in threat modeling, TTP identification, and detection engineering. You’ll work alongside Security Analysts, Software Engineers and Offensive Security Engineers to identify critical assets, assess the top risks, and evaluate and detect potential internal and external attacks against Meta systems. You will be working across engineering teams supporting Production and Corporate systems to develop detection and response automation leveraging both industry-standard and custom detection and response platforms. You’ll generate detection ideas and implementations utilizing some of the world’s largest datasets and build on top of hyper-scale data pipelines.Security Engineer Intern, IR Threat Intelligence Responsibilities
Equal Employment Opportunity and Affirmative Action Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, genetic information, political views or activity, or other applicable legally protected characteristics. You may view our Equal Employment Opportunity notice here.
Meta is committed to providing reasonable support (called accommodations) in our recruiting processes for candidates with disabilities, long term conditions, mental health conditions or sincerely held religious beliefs, or who are neurodivergent or require pregnancy-related support. If you need support, please reach out to accommodations-ext@fb.com.
- Work in cross-functional projects to improve our capabilities to effectively detect and respond to security incidents
- Review security architecture of large-scale custom and commercial systems and independently propose logging, detection and prevention controls
- Perform TTP-based Threat Modeling for a wide variety of assets including endpoints, mobile, servers, internal services, public & private cloud environments and networking equipment
- Perform analysis against logs from a variety of sources (e.g., individual host logs, network traffic logs) to identify potential threats and detection ideas
- Build response workflows and actions that auto-resolve false positives and provide context scaling our ability to investigate
- Support security incident response in a cross-functional environment and drive incident resolution for internal and external threats
- Design and implement attack testing automation to validate detection coverage
- Build logging pipelines using our custom datasets and infrastructure
- Track threat clusters posing threats to Meta’s infrastructure and employees
- Improve the tooling of threat cluster tracking and intelligence data integration to existing systems and various intelligence feeds
- Currently enrolled in a full-time, degree-seeking program and in the process of obtaining a Bachelors or Masters degree in computer science or a related field
- Experience analyzing network and host-based security events
- Knowledge of networking technologies, specifically TCP/IP and the related protocols
- Knowledge of operating systems, file systems, and memory structures on Windows, MacOS and Linux
- Coding/scripting experience in one or more general purpose languages
- Experience with attacker tactics, techniques, and procedures
- Must obtain work authorization in country of employment at the time of hire, and maintain ongoing work authorization during employment
- Intent to return to full-time degree program after completion of the internship
- Experience in Detection & Response Engineering or similar Security Engineering role
- Experience designing systems used for responding to external and/or insider threats
- Experience building automations and integrations using SOAR platforms
- Background in security-focused software engineering, designing large scale systems and data pipelines, or offensive security
- Experience in threat hunting including leveraging intelligence data to proactively identify and iteratively investigates suspicious behavior across networks and systems
- Experience with anomaly detection applicable to the insider threat detection space
- Familiarity with campaign tracking techniques and skills to convert the tracking results to long term countermeasures
- Familiarity with threat modeling framework, such as Diamond Model and/or MITRE ATT&CK framework
- Experience with intelligence-driven threat hunting to spot suspicious activities and identify potential risks, and experience with building notebooks to automate such hunts
- Broad knowledge across the Security domain, as well as deep focus in one (or more) areas such as Logs and events processing, Incident Management, Digital Forensics, Offensive Security Testing, Detection and/or Response tooling development
Equal Employment Opportunity and Affirmative Action Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, genetic information, political views or activity, or other applicable legally protected characteristics. You may view our Equal Employment Opportunity notice here.
Meta is committed to providing reasonable support (called accommodations) in our recruiting processes for candidates with disabilities, long term conditions, mental health conditions or sincerely held religious beliefs, or who are neurodivergent or require pregnancy-related support. If you need support, please reach out to accommodations-ext@fb.com.
Job stats:
5
3
0
Categories:
Security Engineering Jobs
Threat Intel Jobs
Tags: Automation Cloud Computer Science Forensics Incident response Linux MacOS MITRE ATT&CK Offensive security Physics Scripting SOAR TCP/IP Threat detection Threat intelligence Windows
Perks/benefits: Career development Health care
Region:
Europe
Country:
United Kingdom
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.
Information Security Officer jobsInformation Systems Security Officer jobsInformation Security Manager jobsInformation System Security Officer jobsSenior Cybersecurity Engineer jobsInformation Security Specialist jobsSenior Network Security Engineer jobsSenior Cyber Security Engineer jobsSecurity Consultant jobsSenior Information Security Analyst jobsSenior Penetration Tester jobsSecurity Specialist jobsIT Security Engineer jobsCyber Security Specialist jobsPrincipal Security Engineer jobsChief Information Security Officer jobsInformation System Security Officer (ISSO) jobsCloud Security Architect jobsStaff Security Engineer jobsIT Security Analyst jobsCyber Security Architect jobsSecurity Operations Analyst jobsThreat Intelligence Analyst jobsCybersecurity Consultant jobsSenior Product Security Engineer jobs
SaaS jobsGDPR jobsForensics jobsEDR jobsEncryption jobsRMF jobsMalware jobsSplunk jobsSDLC jobsTop Secret jobsSQL jobsIDS jobsBash jobsIPS jobsDocker jobsIntrusion detection jobsDoDD 8570 jobsCompTIA jobsITIL jobsOWASP jobsTCP/IP jobsTerraform jobsFinance jobsActive Directory jobsCRISC jobs
UNIX jobsThreat detection jobsSANS jobsClearance Required jobsVPN jobsGIAC jobsJavaScript jobsBanking jobsPolygraph jobsAnsible jobsHIPAA jobsOSCP jobsDNS jobsIT infrastructure jobsMITRE ATT&CK jobsData Analytics jobsMachine Learning jobsGCIH jobsCCSP jobsJira jobsSOC 2 jobsSOAR jobsSOX jobsCISO jobsOracle jobs