Meta Platforms, Inc. (Meta), formerly known as Facebook Inc., builds technologies that help people connect, find communities, and grow businesses. When Facebook launched in 2004, it changed the way people connect. Apps and services like Messenger, Instagram, and WhatsApp further empowered billions around the world. Now, Meta is moving beyond 2D screens toward immersive experiences like augmented and virtual reality to help build the next evolution in social technology. To apply, click "Apply to Job" online on this web page.

Application Security Engineer Responsibilities

• Enhance the coverage and capability of our suite of application layer vulnerability detection services across the Novi application stack.


• Review and improve static and dynamic analysis findings to ensure their accuracy and relevance.


• Perform impact assessments, develop prioritized remediation plans, and drive remediation campaigns for the newest, nastiest application vulnerabilities.


• Take a leadership role in driving strategic solutions to recurring vulnerabilities.


• Provide actionable security guidance to our engineering teams.


• Integrate security technologies and processes directly into our pipelines.


• Proactively research and monitor security-related information sources to aid in vulnerability discovery.


• Telecommuting is permitted from anywhere in the United States.

Minimum Qualifications

• Bachelors degree in Software Engineering, Computer Science or a related field, and 24 months of experience in the job offered or in a related occupation. Foreign equivalent accepted.


• Requires 24 months of experience involving the following:


• 1. Application security in large production environments


• 2. One or more programming languages (Rust, Python, C++, Go, PHP etc.)


• 3. Proven communication skills


• 4. Proven technical understanding of CVSS, OWASP Top 10 and other Vulnerability Exploitability ratings


• 5. Application Security, AWS Security, Container Security


• 6. AWS, AlienVault, Azure, Bash, Confluence, EKS, GSuit, Github, Golang, HTML, Hashcat, JIRA, JWT, Java, Javascript, Jenkins, Kubernetes, Metasploit, New Relic, Nmap, NodeJS, OWASP, Okta, PCI-DSS, PagerDuty, Python, Rails, Ruby, SAML, SQL, SQLMap, SignalScience, SignalSciences, Slack, Snyk, Sumologic, tenable.io, Twistlock, TypeScript, Wireshark, tcpdump.

Start preparing
Learn about how to prepare for your interview with our interview guide, tips, and interactive experiences.
Visit interview prep