Security Engineer - Infrastructure Security F2 (Facebook Financial)Novi Financial | Menlo Park, CA
About NoviF2 (Facebook Financial) is a product group at Facebook focused on building products to ensure that everyone, everywhere has access to the world’s financial system to accelerate financial inclusion and economic empowerment.
F2’s Security team drives security initiatives that protect the security and privacy of F2. Our security engineers reveal potential weaknesses and craft creative solutions to eliminate those weaknesses, and are relied upon to provide engineering and product teams with the security expertise necessary to make confident product decisions.
As such, we are seeking a passionate hacker who derives purpose in life by revealing potential weaknesses and then crafting creative solutions to eliminate those weaknesses. Your skills will be the foundation of F2 security initiatives that protect the security and privacy of over two billion people. You will be relied upon to provide engineering and product teams with the infrastructure security expertise necessary to make confident design decisions.
- Provide security guidance on a constant stream of new backend/core infrastructure and technologies
- Take a leadership role in driving internal security and privacy initiatives
- Analyze, assess, and respond to various internet threats
- Interact directly with the security community regarding infrastructure security vulnerabilities and threats
- Conduct regular threat modeling assessments specializing on zero trust infrastructure concepts
- B.S. or M.S. in Computer Science or related field, or equivalent experience
- Experience ensuring security and privacy on the internet
- Experience with an interpreted programming language (PHP, Python, Perl, Ruby, etc.)
- Experience reviewing distributed systems design and conducting threat modeling of highly connected systems
- Knowledge and experience building distributed systems
- Communication skills
- Background in distributed systems or large scale systems design
- Experience in large scale security mitigations and hardening initiatives
- Track record securing public cloud deployments
- Contributions to the security community (public research, blogging, presentations, bug bounty, etc.)