Security Analyst, Anti Scraping Investigation

Meta’s Privacy Infra External Data Misuses (EDM) Enforcement team ensures that user data is protected, and those trying to gain unauthorized access to it are identified, investigated, and all threats mitigated. EDM Enforcement assists the company to meet all internal standards for data management and protection. The team conducts investigations, involving technical analysis and OSINT attribution research, and works with stakeholders across the company to use all available resources to identify, mitigate, and prevent scraping of user data. Meta is looking for an investigator to join the EDM Enforcement team to lead, innovate, and take on the full range of scraping threats to the Meta family of apps. The position will be responsible for conducting end to end investigations on a large scope of actors seeking unauthorized access to user data, and working with a wide range of stakeholders across the company to drive the evolution of Meta’s data policy, products, and enforcement options to identify, neutralize, and deter scraping on the platform. The role requires the candidate to have technical and OSINT experience, exposure to the adversarial space, and experience working with cross functional partners. The ideal candidate will work diligently on their own, empower their teammates, efficiently share knowledge, and translate technical and OSINT findings into actionable enforcement options. A mix of technical, leadership, business acumen coupled with polished communication and a strong desire to learn are key to success in this position.

• Investigate complex cases using a variety of methodologies (on and off platform) to understand how abuse is occurring and attribute the person(s) responsible. Identify enforcement strategies to mitigate harm both in the current case and from similar forward-looking abuse. Document findings in detailed, concise, and comprehensive reports.
• Engage cross-functionally with other analytic and investigative teams within the company to develop best practices for conducting investigations, training, and tracking and reporting on investigation trends to the team and supporting legal and technical enforcement actions against bad actors.
• Manage multiple investigations at once while effectively prioritizing time.
• Assist in the development of the long-term strategy in investigations to improve tactics, discoverability of threats, and enhance efficiencies.
• Proactively look for currently undetected abuse by leveraging internal data, open-source intelligence, and third party private intelligence.
• Drive and lead exploration of the scraping ecosystem, understand the scraping enabled business models, and the most significant risks and harms of scraping to users.

• 10+ years of investigative experience conducting technical and non-technical investigations of online threats and abuse
• 5+ years of SQL and relational databases experience
• 5+ years experience conducting OSINT and cyber attribution investigations
• 2+ years experience as technical lead or team lead in an adversarial and/or investigative space

• Experience with, and exposure to, Linux/Unix environment, PHP, Python, Java, or other programming/scripting languages, TCP/IP protocol stack, and a variety of operating systems
• Experience applying data analytics to security risk analysis and investigations
• Experience drafting investigative reports, documenting evidence and technical findings, for a range of technical and non technical audiences. Experience working in cross-functional teams
• Adversarial mindset and understanding how threat actors manifest on the internet
• Attention to detail and experience creating work products suitable for executive-level review
• Experience contributing to the security community (open source, academic research, industry research, blogs, presentations, etc.)