Facebook's mission is to give people the power to build community and bring the world closer together. Through our family of apps and services, we're building a different kind of company that connects billions of people around the world, gives them ways to share what matters most to them, and helps bring people closer together. Whether we're creating new products or helping a small business expand its reach, people at Facebook are builders at heart. Our global teams are constantly iterating, solving problems, and working together to empower people around the world to build community and connect in meaningful ways. Together, we can help people build stronger communities - we're just getting started.
Facebook's Security team is looking for an Offensive Security Pentest Engineer that can deliver technical expertise for our offensive security Penetration Testing team and execute tactical, offensive assessments across our environments. This individual should have extensive experience across the attack lifecycle and a demonstrated capacity to lead, design, and execute a penetration test against various technologies and stacks. Candidates are expected to scope, prepare and deliver technology-oriented assessments that positively benefit the overall security posture of the organization. This role requires a desire to help drive fixes after testing cycles, both as short term mitigations and long term improvements.
- Conduct penetration tests focused on both the unique systems and technologies used at Facebook, as well as approved third party software and vendors
- Help in the building of tooling to automate portions of pentests, scoping or other offensive security work, and use this model to inform and drive our assessments, as well as assist other teams with Facebook security efforts
- Design, scope, and lead deep technical assessments on internal and external facing systems
- Perform research to identify new ways of achieving your mission
- Work with vulnerability management, production security and other security programs to align remediation efforts and best protect the company from known threats