Detection & Response Security Engineer, Threat Intelligence

Meta
Charing Cross, United Kingdom
7 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Intermediate
Compensation
£ 57K

Job location

Charing Cross, United Kingdom

Tech stack

PHP
Data analysis
Computer Networks
Query Languages
Data Intelligence
Python
Red Team (Cyber Security)
SQL Databases
Software Vulnerability Management
Snort (Software)
Scripting (Bash/Python/Go/Ruby)
Mitre Att&ck
Malware
Cyber Threat Analysis
Cybercrime
Production Code

Job description

Meta Security is looking for a threat intelligence investigator with extensive experience in investigating cyber threats with an intelligence-driven approach. You will be proactively responding to a broad set of security threats, as well as tracking actor groups with an interest or capability to target Meta and its employees. You will also be identifying the gaps in current detections and preventions by long-term intelligence tracking and research, and working with cross-functional stakeholders to improve Meta's security posture.

Required Skills:

Detection & Response Security Engineer, Threat Intelligence Responsibilities:

  1. Track threat clusters posing threats to Meta's infrastructure and employees, and identify, develop and implement countermeasures on our corporate network

  2. Investigate, mitigate, and forecast emerging technical trends and communicate effectively with actionable suggestions to different types of audiences

  3. Work closely with incident responders to provide useful and timely intelligence to enrich ongoing investigations

  4. Improve the tooling of threat cluster tracking and intelligence data integration to existing systems

  5. Engage constructively in cross-functional projects to improve the security posture of Meta's infrastructure, such as red team operations, surface detection coverage expansion and vulnerability management discussions

Requirements

  1. 3+ years threat intelligence experience

  2. Bachelor's degree or equivalent experience in Security

  3. Familiarity with campaign tracking techniques and ability to convert the tracking results to long term countermeasures

  4. Familiarity with threat modeling framework, such as Diamond Model or/and MITRE ATT&CK framework

  5. Experience intelligence-driven hunting to spot suspicious activities in the network and identify potential risks

  6. Proven track record of managing and executing on short term and long term projects

  7. Ability to work with a team spanning multiple locations/time zones

  8. Ability to prioritize and execute tasks with minimal direction or oversight

  9. Ability to think critically and qualify assessments with solid communications skills

  10. Coding or scripting experience in one or more scripting languages such as Python or PHP

Preferred Qualifications:

Preferred Qualifications:

  1. Experience close collaborating with incident responders on incident investigations

  2. Familiarity with malware analysis or network traffic analysis

  3. Familiarity with nation-state, sophisticated criminal, or supply chain threats

  4. Production of file-based or network-based rules and signatures for detection and tracking of complex threats, such as YARA or Snort

  5. Experience in one or more query languages such as SQL

  6. Experience authoring production code for threat intelligence tooling

  7. Experience conducting large scale data analysis

  8. Experience working across the broader security community

Industry: Internet

Apply for this position