Security Engineer, Vulnerability Management

The Meta Security Organization is seeking a passionate and experienced Security Engineer to help us mature Meta’s security posture through our vulnerability management program. Our team strives to go beyond identifying vulnerabilities by preventing security problems during the development process to eliminate entire classes of vulnerabilities.

Do you have experience analyzing vulnerabilities and building vulnerability management programs? Can you identify when a vulnerability is critical enough to require real-time security response? Have you partnered with cross-functional partners to measure and improve how to identify, fix, and prevent vulnerabilities? Does the idea of having a meaningful and measurable impact on the security of one of the world's largest infrastructures, which serves billions of people, sound exciting to you? Well, good news, we need your help!Security Engineer, Vulnerability Management Responsibilities

• Analyze vulnerabilities to determine the real impact to our systems and applications, incorporating threat intelligence.
• Drive solutions that enable high fidelity vulnerability contextualization, tracking, and remediation.
• Influence what areas of the vulnerability pipeline would most benefit from automation to improve operational efficiency and influence the team to prioritize the work.
• Dive into large datasets to identify strategic opportunities for security posture improvement.
• Influence the Meta-wide vulnerability management strategy, collaborating with partners to deliver multi-year roadmaps, while coaching and supporting team members.
• Provide rapid-response vulnerability analysis for active zero-days and participate in regular on-call vulnerability management rotation.

Minimum Qualifications

• B.S. or M.S. in Computer Science or related field, or equivalent experience.
• 3+ years of experience in identifying security vulnerabilities, issues, risks, and developing mitigation plans.
• 2+ years of experience in network, system, or software architecture: design, implementation, support, and evaluation of security-focused tools and services.
• Technical and process subject matter expert regarding vulnerability management operations and company-wide programs to address the risk at scale.
• Experience responding to both external and insider threats.
• Coding/scripting experience in one or more general purpose languages.

Preferred Qualifications

• Experience generating automated metrics to measure service and program effectiveness and consistency.
• Experience making contributions to the security or privacy community (public research, blogging, presentations, etc.).
• Background in malware analysis, digital forensics, intrusion detection, and/or threat intelligence.
• Broad knowledge across the security domain.
• Experience with attacker tactics, techniques, and procedures.

For those who live in or expect to work from California if hired for this position, please click here for additional information. About Meta Meta builds technologies that help people connect, find communities, and grow businesses. When Facebook launched in 2004, it changed the way people connect. Apps like Messenger, Instagram and WhatsApp further empowered billions around the world. Now, Meta is moving beyond 2D screens toward immersive experiences like augmented and virtual reality to help build the next evolution in social technology. People who choose to build their careers by building with us at Meta help shape a future that will take us beyond what digital connection makes possible today—beyond the constraints of screens, the limits of distance, and even the rules of physics.
$117,000/year to $173,000/year + bonus + equity + benefits

Individual compensation is determined by skills, qualifications, experience, and location. Compensation details listed in this posting reflect the base hourly rate, monthly rate, or annual salary only, and do not include bonus, equity or sales incentives, if applicable. In addition to base compensation, Meta offers benefits. Learn more about benefits at Meta.

Equal Employment Opportunity and Affirmative Action Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, genetic information, political views or activity, or other applicable legally protected characteristics. You may view our Equal Employment Opportunity notice here.
Meta is committed to providing reasonable support (called accommodations) in our recruiting processes for candidates with disabilities, long term conditions, mental health conditions or sincerely held religious beliefs, or who are neurodivergent or require pregnancy-related support. If you need support, please reach out to accommodations-ext@meta.com.