Application Security Engineer

Facebook wordmarkFacebook wordmarkFacebook
Application Security Engineer
Facebook wordmarkFacebook wordmarkFacebook
Location pin icon
Tel Aviv, Israel
Met'a Application Security team in Tel Aviv is seeking a skilled and motivated hacker to help us secure 3 billion users against internal threats. We are building a new team in Tel Aviv that would leverage static analysis tools in order to identify problems with our internal tooling and code. We are mainly looking for issues that could be leveraged by an internal employee to access users' data. Beyond simply finding and detecting these issues, the main challenge for this team would be to ensure we have can detect in real time when new code is written that would allow for inappropriate access to data. In cases where we can't fix the code the team would need to come up with creative compensating mechanisms (e.g. logging and alerting). As such, we are looking for an application security expert with a hacker mindset, and a background in product/application security/software engineering. They should be comfortable working across the company and enjoy finding innovative ways to mitigate risk while protecting billions of Meta users.
Application Security Engineer Responsibilities
  • Conduct regular security assessments on new and existing products and perform code reviews to proactively find potential vulnerabilities.
  • Hunt for internal threats in our corporate and production infrastructure to proactively identify malicious activity that we are not currently able to detect.
  • Take an active role in driving internal security and privacy initiatives.
  • Develop a roadmap for future work, track progress against it, and evaluate the team’s performance.
  • Partner with engineering leaders across the company to help them prioritize security issues in their products and balance business goals.
Minimum Qualifications
  • 4+ years of work experience in software or security engineering
  • Familiarity with web security (e.g. SQLi, XSS, permission bypass vulnerabilities).
  • Experience building relationships with stakeholders and business leaders.
  • Experience with any programming language (PHP, Python, Java, Perl, Ruby, etc)
  • Technical security experience with white-box testing
Preferred Qualifications
  • B.S. or M.S. Computer Science or related field, or equivalent experience
  • Coding proficiency in Python, PHP, and/or C++.
  • Background in automated program analysis.
  • Contributions to the security community (public research, blogging, presentations, etc)
  • Experience with insider threat detection tools and advanced analytic methodologies.
  • Knowledge of incident response phases and concepts.
  • Experience translating technical concepts into language for broad technical and non-technical audiences
About Meta
Meta builds technologies that help people connect, find communities, and grow businesses. When Facebook launched in 2004, it changed the way people connect. Apps like Messenger, Instagram and WhatsApp further empowered billions around the world. Now, Meta is moving beyond 2D screens toward immersive experiences like augmented and virtual reality to help build the next evolution in social technology. People who choose to build their careers by building with us at Meta help shape a future that will take us beyond what digital connection makes possible today—beyond the constraints of screens, the limits of distance, and even the rules of physics.
Meta is committed to providing reasonable support (called accommodations) in our recruiting processes for candidates with disabilities, long term conditions, mental health conditions or sincerely held religious beliefs, or who are neurodivergent or require pregnancy-related support. If you need support, please reach out to
Related Job Openings
Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, genetic information, political views or activity, or other applicable legally protected characteristics. You may view our Equal Employment Opportunity notice here. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. We may use your information to maintain the safety and security of Meta, its employees, and others as required or permitted by law. You may view Meta's Pay Transparency Policy, Equal Employment Opportunity is the Law notice, and Notice to Applicants for Employment and Employees by clicking on their corresponding links. Additionally, Meta participates in the E-Verify program in certain locations, as required by law.

Meta is committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or an accommodation due to a disability, you may contact us at