Application Security Engineer - Enterprise Engineering

Meta's Enterprise EngineeringApplication Security team is seeking a passionate Security Engineer with a hacker mindset who derives purpose in life by revealing potential weaknesses and then crafting creative solutions to eliminate those weaknesses. Your skills will be the foundation of security initiatives that protect the security and privacy of over two billion people. You will be expected to operate at an expert technical level with developers and engineers across large organizations. You will be relied upon to provide engineering and product teams with the web, mobile, or native-code security expertise necessary to build great products. Come help us make life hard for the bad guys.Application Security Engineer - Enterprise Engineering Responsibilities

• Engaging with our teams to design, develop, and deliver applications that meet evolving requirements for security and privacy. Ensure direction, prioritization, and timely delivery of this work within a changing business environment.
• Automated Analysis and Secure Frameworks: build and deploy automation (static and dynamic analysis) and frameworks with software engineers that enable Meta to operate with appropriate security controls across all of our products and services.
• Engineer Guidance: provide detailed technical guidance and education to developers that help prevent the introduction of vulnerabilities. Develop guidance based on output from static analysis platforms, vulnerability analysis tools, posture management tools, and other security assurance activities.
• Security Reviews: perform periodic manual design and implementation reviews of products and services that make up the Meta ecosystem, including tools built in Python, containerized applications, web based services. Design methods for automating manual reviews to scale services to our internal customers.

Minimum Qualifications

• 8+ years of experience identifying and mitigating security issues in software (python, ruby, Java). Knowledge of best practice secure code development
• Experience leading and managing complex cross-functional security programs.
• Experience with exploiting common security vulnerabilities in software.

Preferred Qualifications

• Experience writing software that enables or evaluates security control in complex systems
• 3+ years of experience in penetration testing or red team operations
• Experience automating security controls in cloud environments (e.g. AWS, GCP, Azure)
• Contributions to the security community (public research, blogging, presentations, bug bounty, etc.)

LocationsAbout Meta Meta builds technologies that help people connect, find communities, and grow businesses. When Facebook launched in 2004, it changed the way people connect. Apps like Messenger, Instagram and WhatsApp further empowered billions around the world. Now, Meta is moving beyond 2D screens toward immersive experiences like augmented and virtual reality to help build the next evolution in social technology. People who choose to build their careers by building with us at Meta help shape a future that will take us beyond what digital connection makes possible today—beyond the constraints of screens, the limits of distance, and even the rules of physics. Meta is committed to providing reasonable support (called accommodations) in our recruiting processes for candidates with disabilities, long term conditions, mental health conditions or sincerely held religious beliefs, or who are neurodivergent or require pregnancy-related support. If you need support, please reach out to accommodations-ext@fb.com. $177,000/year to $251,000/year + bonus + equity + benefits
Individual pay is determined by skills, qualifications, experience, and location. Compensation details listed in this posting reflect the base salary only, and do not include bonus, equity or sales incentives, if applicable. In addition to base salary, Meta offers benefits. Learn more about benefits at Meta.

Career development, Equity, Health care, Salary bonus, Team events