Security Detection Engineer, Insider Trust

As part of Meta Security, our Insider Trust team is focused on identifying and responding to insider threats to data. The team's mission is to identify malicious use of otherwise legitimate access to data from people inside the company and respond to it before damage is done. We investigate across a broad spectrum of abuse including abuse of user data, intellectual property, and leaks of sensitive information. We collaborate with software engineering teams to build advanced detection capabilities and understand how abuse happens so that we can stay ahead of those who are interested in misusing their access. The Insider Trust team is looking for a highly motivated Security Engineer to build and improve internal tools and systems to detect malicious activities related to insider threats. Candidates are expected to analyze and monitor internal tools, hunt for insider threats against company data and infrastructure, and have the ability to carry out complex internal investigations from collection to reporting. As part of the role, this person will work side by side with our engineering teams to build advanced detection solutions to help keep systems and information safe, and partner closely with our Human Resources and Legal teams to carry out complex investigations.

Security Detection Engineer, Insider Trust Responsibilities

• Lead cross-functional projects to improve our GenAI capabilities to effectively detect and respond to internal threats and security incidents


• Leverage threat modeling and analysis to build event and/or behavioral based detections to protect our critical GenAI assets and infrastructure


• Perform analysis of logs from a variety of sources (e.g., individual host logs, network traffic logs) to identify potential insider threats


• Build operational workflows and actions that auto-resolve false positives and provide context scaling our ability to investigate


• Identify gaps in our infrastructure, and work with software engineers, product managers, and business partners to gain visibility through logging and detection

Minimum Qualifications

• Bachelor's degree in Computer Science, Engineering, or equivalent experience


• 5+ years of experience in Detection & Response Engineering or similar Security Engineering role


• Experience of developing detection rules using event or anomaly based methods


• Experience conducting technical security investigations (response, forensics, log analysis)


• Experience interpreting information from multiple sources and working with data sets


• Knowledge with database tools/systems such as Hbase, SQL, HQL

Preferred Qualifications

• Experience with anomaly detection applicable to the insider threat detection space


• Experience in security-focused detection engineering, designing large scale systems and data pipelines


• Coding proficiency in Python, PHP, and/or C++, Pandas, NumPy, Scikit-learn, TensorFlow

Start preparing
Learn about how to prepare for your interview with our interview guide, tips, and interactive experiences.
Visit interview prep