Security Engineer, Threat Detection and Response, Novi

Novi is a product group at Facebook focused on building products to ensure that everyone, everywhere has access to the world’s financial system to accelerate financial inclusion and economic empowerment. We're looking for a Security Engineer to work closely with Software Engineers, Security Engineers, Compliance, and Legal to support threat detection and response engineering at Novi. You will be responding to threats, building advanced and novel detection mechanisms, performing searches for sophisticated and previously unknown malware, and developing systems to automate remediation. You'll work with some of the brightest minds in the industry in a data driven culture, use cutting edge technology, and see your efforts affect products and people on a regular basis. You should have a passion for detecting malicious activity, responding to intrusions, and developing new signatures or methodologies to detect bad activity.
Security Engineer, Threat Detection and Response, Novi Responsibilities
  • Search for gaps in our infrastructure: proactively identify malicious activity that we are not currently able to detect
  • Analyze logs, packets, and alerts for signs of malicious activity
  • Create signatures and tools to analyze and detect malicious activity
  • Build automation for response and remediation of malicious activity
  • Support incident response by investigating security intrusions
  • Drive implementation of countermeasures, mitigations, and containment
Minimum Qualifications
  • Bachelors degree in Computer Science or equivalent experience
  • Experience in detection, response, or security engineering
  • Experience designing and building out security monitoring to aid in detection or forensic investigations
  • Coding/scripting experience in one or more general purpose languages
  • Knowledge of networking technologies, specifically TCP/IP and the related protocols
  • Knowledge of operating systems, file systems, and memory on MacOS, Linux or Windows
  • Experience with attacker tactics, techniques and procedures
  • Experience performing data analysis on large datasets
  • Experience in SQL to support detection engineering and incident response
Preferred Qualifications
  • Experience with rule-driven and analysis-driven network platforms like Bro and Suricata
  • Experience hunting, i.e. using threat intel to proactively and iteratively investigates these potential risks and finding suspicious behavior in the network
  • Experience with understanding insider threats and create detections and/or models from signals
  • Background in malware analysis, intrusion detection, and/or threat intelligence
About Meta
Meta builds technologies that help people connect, find communities, and grow businesses. When Facebook launched in 2004, it changed the way people connect. Apps like Messenger, Instagram and WhatsApp further empowered billions around the world. Now, Meta is moving beyond 2D screens toward immersive experiences like augmented and virtual reality to help build the next evolution in social technology. People who choose to build their careers by building with us at Meta help shape a future that will take us beyond what digital connection makes possible today—beyond the constraints of screens, the limits of distance, and even the rules of physics.
Meta is committed to providing reasonable support (called accommodations) in our recruiting processes for candidates with disabilities, long term conditions, mental health conditions or sincerely held religious beliefs, or who are neurodivergent or require pregnancy-related support. If you need support, please reach out to
Related Job Openings
Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, genetic information, political views or activity, or other applicable legally protected characteristics. You may view our Equal Employment Opportunity notice here. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. We may use your information to maintain the safety and security of Meta, its employees, and others as required or permitted by law. You may view Meta's Pay Transparency Policy, Equal Employment Opportunity is the Law notice, and Notice to Applicants for Employment and Employees by clicking on their corresponding links. Additionally, Meta participates in the E-Verify program in certain locations, as required by law.

Meta is committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or an accommodation due to a disability, you may contact us at