Summary

Meta's Privacy Engineering team is seeking a Privacy Engineer with experience in applying an adversarial mindset to identify, scope, contain, and eradicate real-world privacy threats to products and infrastructure. Your primary responsibility will be to deal with privacy vulnerabilities by designing and guiding Software Engineers through remediations, learning from security/privacy incidents, and identifying vulnerabilities across our codebase at scale. Your skills will be the foundation of security initiatives that protect the security and privacy of billions of people. You will advance Meta’s mission of making the world more open and connected by identifying and neutralizing threats that aim to collect sensitive information or disrupt our systems.

Required Skills

Application Security Engineer, Privacy Responsibilities:

1. Incident triage & fact identification: Get the right people involved to understand what has happened and assess impact
2. Follow the facts uncovered in triage to mitigate and remediate the vulnerability
3. Review and understand what happened and ensure that the root cause and contributing factors are identified, documented, and remediated
4. Apply technical understanding to ensure Meta learns from each incident to ensure it doesn’t resurface
5. Employ adversarial mindset to proactively identify vulnerabilities across Meta's products

Minimum Qualifications

1. 5+ years work experience in technical privacy, security, or security software engineering domains, including incident response, application privacy/security, and/or offensive security
2. Experience identifying, analyzing, and remediating real-world privacy/security threats
3. Software engineering proficiency equivalent to 1+ years work experience coding in Python, PHP, Java, C/C++ (or equivalent language) including code maintenance and review

Preferred Qualifications

1. Experience within a corporate environment communicating technical issues and their implications to other areas of the business.
2. Experience managing large-scale incidents with broad, public visibility.
3. Technical contributions to the privacy or security community (e.g., public research, blogging, presentations).
4. B.S. or M.S. in Computer Science or a related field, or equivalent work experience.
5. Technical experience across other Privacy or Security disciplines, e.g., Application Security/Privacy.

Industry: Internet