The Security Posture Management team’s mission lies at the intersection of empowering engineers to work efficiently with minimal friction and maintaining the highest standards of security controls for our critical infrastructure. We are looking for a highly motivated and experienced Security Engineer to join our team!As a key member of the team, you will play a critical role in ensuring the security of Meta’s infrastructure. This is an exciting opportunity if you are passionate about solving complex security problems through innovative engineering solutions.In this role, you will be responsible for scaling the identification of risky infrastructure, insecure patterns, and vulnerabilities that may impact Meta’s data and systems in the cloud and on-prem. You will collaborate with other software, platform, and security engineers to design and ensure continuous security in alignment with Meta’s own baselines of security best practices. Additionally, you will work closely with business verticals to reduce friction from these security controls while enabling Meta to securely move and iterate quickly.

MINIMUM QUALIFICATIONS:

• 8+ years of experience securing complex on-prem or cloud deployments
• 8+ years of experience with IAC (Infrastructure as a Code) deployments for complex systems [Terraform, SaltStack, Ansible]
• 8+ years of experience coding in Python, PHP, Java, Ruby, Go, Rust, C/C++, or similar languages
• Experience addressing security problems by building scalable engineering solutions
• Proven communication skills to convey complex technical issues to both security and non-security audiences
• Experience in reviewing distributed systems design and conducting threat model assessment of software and services
• B.S. or M.S. in Computer Science or related field, or equivalent experience

PREFERRED QUALIFICATIONS:

• Experience influencing software engineers building security products
• Experience creating metrics to measure service and program effectiveness and consistency
• Experience making contributions to the security or privacy community (public research, OSS, blogging, presentations, etc.)

• Work with teams of security engineers and developers to architect scalable solutions to complex infrastructure security problems
• Build out proofs of concept, tools, and/or platforms to address security problems at scale
• Lead other engineers in creating solutions
• Eliminate classes of security problems by shifting the detection and preventions left into the developer workflow
• Partner with cross-functional teams to ensure security maturity work is being prioritized and addressed in ways both timely and durable
• Provide architectural, design, and threat-based guidance to software development teams to improve security maturity before code is created