Manager, Security Threat Detection & Response, F2 (Facebook Financial)
Novi Financial | Menlo Park, CA - Remote, US
About Novi
F2 (Facebook Financial) is a product group at Facebook focused on building products to ensure that everyone, everywhere has access to the world’s financial system to accelerate financial inclusion and economic empowerment.
F2’s Security team drives security initiatives that protect the security and privacy of F2’s users, their money and data, and our infrastructure.
Our global Threat, Detection, and Response Security Engineers build detection to identify threats within our product and our infrastructure, operationalize these detections, respond to and investigate incidents, and support our broader F2 and Facebook Threat Intelligence functions to help ensure we can detect threat actors targeting F2. You will be supporting those who are responding to these threats, building advanced and novel detection mechanisms, performing searches for sophisticated and previously unknown malicious activity, developing systems to automate remediation, and conducting complex investigations. You'll work with some of the brightest minds in the industry in a data-driven culture, use cutting-edge technology, and see your and your team's efforts affect products and people on a regular basis. You should have a passion for supporting people and teams to achieve these objectives and grow their careers. The ideal candidate to support our passionate and dedicated Security Engineers has strong leadership skills, a background in detection engineering and incident response, and has previously grown and supported organizations that perform similar functions.
- Support a team of security engineers who detect and respond to internal and external threats.
- Hire, grow, and build a high performing team capable of achieving the team’s mission.
- Coach, mentor, support, and care for immediate teams directly and indirectly across the organization in a way that enables long-term career development, happiness, and success at F2.
- Influence, contribute, and align to F2 Security’s and F2’s overall vision and strategy while supporting your teams to develop and deliver specific, multi-year roadmaps, programs, and projects.
- Support prioritization, resourcing, and timely delivery of roadmaps adapting to a changing business environment.
- Define operational metrics, key performance indicators, and service level objectives to assure the team achieves operational excellence.
- Build, cultivate, and maintain positive relationships with internal customers to identify and facilitate solutions to increase the impact of the team's work.
- Partner, influence, and collaborate with other teams to solve challenges related to a broad spectrum of threat actors and help protect the entire Facebook infrastructure by developing scalable and flexible engineering solutions.
- Focus on ruthlessly prioritizing, automating, and scaling every aspect of our detection and response capabilities.
- Be a broad technical and process subject matter expert regarding the functions and services your team provides.
- 5+ years of work experience in software or security engineering, including 2+ years of proven hands-on technical management experience of security engineers.
- Experience recruiting, building, and leading technical teams, including performance management, and supporting and growing senior security engineers and managers.
- Experience building detection engineering, incident response, and/or threat intelligence functions prior.
- Experience developing and delivering information on program status for senior leadership.
- Experience leading and managing complex cross-functional programs.
- Knowledge of areas such as operating systems, file systems, cloud-based services, and storage, to support teams in effectively investigating and responding to security incidents.
- Experience with an interpreted programming language (PHP, Python, Perl, Ruby, etc.).
- Experience with attacker tactics, techniques, and procedures.
- BA/BS in Computer Science or 8+ years work experience in a leadership and management capacity.
- Background in intrusion detection, security investigations, and incident response.
- Experience “threat hunting”, i.e. using threat intel to proactively and iteratively investigate these potential risks and finding suspicious behavior in the network.
- Broad knowledge across the Security domain, as well as deep focus in one (or more) areas such as: Logs and events processing, Incident Management, and Detection and/or Response tool development.
- Experience in fintech, financial, and/or payment services industries.
- Experience facilitating and conducting threat actor threat models across business and product areas.