|Preferred GIAC Certifications||GCIH|
Facebook's Security team is looking for an Incident Response Engineer with extensive experience in identifying, scoping, containing and eradicating real-world threats. We advance Facebook's mission of making the world more open and connected by identifying and neutralizing threats that aim to collect sensitive information or disrupt our infrastructure. Candidates are expected to translate their skills into goal oriented projects that improve identification and response time and reduce functional or informational impact when an incident occurs. Those with a desire to just wait for an incident to occur or to 'shoot from the hip' need not apply.
Further develop our incident response program
Respond to compromised assets (phones, laptops, servers) in our Corporate and Production environments around the world
Identify and execute on projects that improve our intrusion detection and incident response capabilities at Facebook scale
Perform research to identify new ways of achieving our mission, with an emphasis on open-sourcing tools or process wherever possible.
* Experience in identifying, analyzing, scoping, containing and eradicating real-world threats
* Knowledge of incident response phases and concepts
* Experience with scripting and/or coding. Open source projects or commits
* 3+ years experience in developing, responding and analyzing technical security incident response
* 3+ years experience with networking
Experience with Linux and MacOS investigations