Offensive Security Engineer, Purple Team

Meta's Offensive Security Group is looking for a Purple Team Offensive Security Engineer that use their in-depth subject-matter knowledge to test attack detection and prevention effectiveness across our environments. Candidates are expected to scope, prepare, and deliver technology-oriented assessments that positively benefit the overall security posture of the organization. This role requires a desire to help drive fixes after testing cycles, both as short-term mitigations and long-term improvements.
This position offers a variety of technical security challenges; self-starters and those with a passion for the security field are encouraged to apply!Offensive Security Engineer, Purple Team Responsibilities

• Design, scope, and lead Purple Team Engagements focused on working with partners to execute relevant Tactics, Techniques, and Procedures to provide information used to harden protections.
• Automate the creation of Tactics, Techniques, and Procedures, portions of engagements, and other offensive security work to inform and drive our engagements.
• Incorporate Threat Intelligence research to track APT trends and help our partners test their environments against new and emerging threats.
• Work with Incident Response, Product Security, and other security partners to align remediation efforts that best protect the company.

Minimum Qualifications

• 4+ years of experience Red Teaming, Penetration Testing, and/or Cyber Threat Hunting.
• Knowledge of at least one cloud computing platform (e.g., AWS, GCP, Azure)
• Knowledge of server (Linux, Windows) and client (Windows, macOS, Linux) operating systems.
• Knowledge and understanding of attack surfaces for enterprise systems and services.
• Experience working closely with defenders to identify and fix problems.

Preferred Qualifications

• Experience performing and leading closed source and code assisted assessments.
• Experience with complex, multi-stage, multi-person engagements for internal partners.
• Experience building infrastructure using DevOps technologies and concepts to support offensive security teams.
• Background in intrusion detection, security investigations, and incident response.
• Experience “threat hunting”. (i.e., using threat intel to proactively and iteratively investigate these potential risks and finding suspicious behavior in the network)
• OSCP certification, or equivalent.
• Track record of participation in capture the flag (CTF) competitions.
• Contributions to the security community (e.g., public research, blogging, presentations, bug bounty, tooling, etc.)
• Understand not only how something works on a in-depth, technical level, but also how it can be used for unintended purposes as an attacker.

For those who live in or expect to work from California if hired for this position, please click here for additional information. LocationsAbout Meta Meta builds technologies that help people connect, find communities, and grow businesses. When Facebook launched in 2004, it changed the way people connect. Apps like Messenger, Instagram and WhatsApp further empowered billions around the world. Now, Meta is moving beyond 2D screens toward immersive experiences like augmented and virtual reality to help build the next evolution in social technology. People who choose to build their careers by building with us at Meta help shape a future that will take us beyond what digital connection makes possible today—beyond the constraints of screens, the limits of distance, and even the rules of physics.
$147,000/year to $208,000/year + bonus + equity + benefits

Individual compensation is determined by skills, qualifications, experience, and location. Compensation details listed in this posting reflect the base hourly rate, monthly rate, or annual salary only, and do not include bonus, equity or sales incentives, if applicable. In addition to base compensation, Meta offers benefits. Learn more about benefits at Meta.

Equal Employment Opportunity and Affirmative Action Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, genetic information, political views or activity, or other applicable legally protected characteristics. You may view our Equal Employment Opportunity notice here.
Meta is committed to providing reasonable support (called accommodations) in our recruiting processes for candidates with disabilities, long term conditions, mental health conditions or sincerely held religious beliefs, or who are neurodivergent or require pregnancy-related support. If you need support, please reach out to accommodations-ext@fb.com.