Application Security Engineer - Enterprise Engineering

Meta's Enterprise Application Security team is seeking a security engineer with an interest in exploring complex security problems, identifying weaknesses, and crafting creative solutions to eliminate those weaknesses at scale. We don't just identify and help fix security vulnerabilities - we go beyond by preventing security problems before they exist. You will be expected to interact with developers and engineers across large organizations using your in-depth subject-matter technical knowledge. You will be relied upon to provide application and infrastructure teams with security guidance and direction necessary to build the secure enterprise that underpins Meta.Application Security Engineer - Enterprise Engineering Responsibilities

• Conceive, design, develop and improve industry-leading security tooling, automation and/or frameworks that enable enterprise teams at scale to deliver applications and services with appropriate security controls to meet evolving requirements for security and privacy
• Identify and eliminate classes of security problems by shifting detection and prevention left into the development workflow
• Provide just-in-time, actionable, technical security guidance to enterprise application and service teams through code reviews, penetration tests, adversarial testing, threat modeling, architecture design reviews, and other security activities
• Identify and prioritize areas of improvement for security maturity across the enterprise
• Ensure prioritization, resourcing, and timely delivery of work within a changing business environment
• Collaborate with cross-functional teams to ensure security work is being prioritized and addressed

Minimum Qualifications

• 5+ years work experience writing production-level code in Python, PHP, Java, Ruby, Go, Rust, C/C++, or similar language
• 5+ years of work experience identifying and mitigating security issues in software (Python, PHP, Java, Ruby, Go, Rust, C/C++ or similar language) and knowledge of best practice secure code development
• Experience in designing, analyzing and conducting threat model assessments of enterprise software and services
• Experience fixing enterprise security problems across broad corporate boundaries using influence and relationships
• Experience owning a particular component, feature or system
• Demonstrated attention to detail and experience to craft clear and concise documentation for a diverse range of stakeholders

Preferred Qualifications

• B.S. or M.S. in Computer Science, Engineering, or related technical discipline, or equivalent experience
• Experience in penetration testing or red team operations
• Experience automating application security controls in large-scale enterprise environments
• Experience writing software that enables or evaluates security controls in complex systems
• Experience building and securing enterprise-scale software, services, and infrastructure
• Broad knowledge of the security domain, which may include security investigations, incident management, digital forensics, offensive security, vulnerability management, application security, and other security disciplines
• Contributions to the security community (public research, blogging, presentations, bug bounty, etc.)

For those who live in or expect to work from California if hired for this position, please click here for additional information. LocationsAbout Meta Meta builds technologies that help people connect, find communities, and grow businesses. When Facebook launched in 2004, it changed the way people connect. Apps like Messenger, Instagram and WhatsApp further empowered billions around the world. Now, Meta is moving beyond 2D screens toward immersive experiences like augmented and virtual reality to help build the next evolution in social technology. People who choose to build their careers by building with us at Meta help shape a future that will take us beyond what digital connection makes possible today—beyond the constraints of screens, the limits of distance, and even the rules of physics.
$147,000/year to $208,000/year + bonus + equity + benefits

Individual compensation is determined by skills, qualifications, experience, and location. Compensation details listed in this posting reflect the base hourly rate, monthly rate, or annual salary only, and do not include bonus, equity or sales incentives, if applicable. In addition to base compensation, Meta offers benefits. Learn more about benefits at Meta.

Equal Employment Opportunity and Affirmative Action Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, genetic information, political views or activity, or other applicable legally protected characteristics. You may view our Equal Employment Opportunity notice here.
Meta is committed to providing reasonable support (called accommodations) in our recruiting processes for candidates with disabilities, long term conditions, mental health conditions or sincerely held religious beliefs, or who are neurodivergent or require pregnancy-related support. If you need support, please reach out to accommodations-ext@fb.com.