31 Director Security Operations And Enterprise Security jobs in London

Description
Embark on a Mission to Fortify Amazon's Defenses as a Security Engineer with the Vulnerability Management & Remediation Operations team!
Amazon Security is seeking a Security Engineer to join our Vulnerability Management and Remediation Operations (VMRO) team in London, UK. The VMRO team is responsible for discovering, assessing, triaging, detecting, and driving the remediation of vulnerabilities across the Amazon ecosystem
Key job responsibilities
- Analyse public and private vulnerability disclosures and exploit code
- Deeply understand and assess the technical details and potential impact of vulnerabilities across Amazon's infrastructure, services, and applications.
- Investigate and triage vulnerabilities, identifying severity and the scope of potential impact to Amazon.
- Support response and remediation efforts, assisting builder teams to fix their security issues in a timely manner
- Engineer high quality, scalable, and accurate vulnerability detection mechanisms
- Design and implement automation, tools and workflows to enhance our operations capabilities.
- Be part of a global team and participate in periodic on-call responsibilities to ensure the continuous monitoring and remediation of vulnerabilities.
- Experience programming in Python, Ruby, Go, Swift, Java, .Net, C++ or similar object oriented language and SQL
Basic Qualifications
- Bachelor's degree in computer science or equivalent
- Knowledge of networking protocols such as HTTP, DNS and TCP/IP
- Experience programming in Python, Ruby, Go, Swift, Java, .Net, C++ or similar object oriented language
- 5 years security engineering experience in system, network, and/or application security
- 5 years experience developing vulnerability assessment tests with Python or Java.
- 5 years experience improving accuracy of vulnerability detection mechanisms across a diverse technical ecosystem
- 3 years experience troubleshooting networking, operating systems, applications, or cloud services.
- 3 years experience building cloud-based services
Preferred Qualifications
- Experience with AWS products and services
- Experience with any combination of the following: threat modeling, secure coding, identity management and authentication, software development, cryptography, system administration and network security
Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon. Please consult our Privacy Notice ( ) to know more about how we collect, use and transfer the personal data of our candidates.
Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region you're applying in isn't listed, please contact your Recruiting Partner.

Description
Embark on a Mission to Fortify Amazon's Defenses as a Security Engineer with the Vulnerability Management & Remediation Operations team!
Amazon Security is seeking a Security Engineer to join our Vulnerability Management and Remediation Operations (VMRO) team in London, UK. The VMRO team is responsible for discovering, assessing, triaging, detecting, and driving the remediation of vulnerabilities across the Amazon ecosystem
Key job responsibilities
Analyse public and private vulnerability disclosures and exploit code
Deeply understand and assess the technical details and potential impact of vulnerabilities across Amazon's infrastructure, services, and applications.
Investigate and triage vulnerabilities, identifying severity and the scope of potential impact to Amazon.
Support response and remediation efforts, assisting builder teams to fix their security issues in a timely manner
Engineer high quality, scalable, and accurate vulnerability detection mechanisms
Design and implement automation, tools and workflows to enhance our operations capabilities.
Be part of a global team and participate in periodic on-call responsibilities to ensure the continuous monitoring and remediation of vulnerabilities.
Experience programming in Python, Ruby, Go, Swift, Java, .Net, C++ or similar object oriented language and SQL
Basic Qualifications
- Bachelor's degree in computer science or equivalent
- Knowledge of networking protocols such as HTTP, DNS and TCP/IP
- Experience programming in Python, Ruby, Go, Swift, Java, .Net, C++ or similar object oriented language
- 5 years security engineering experience in system, network, and/or application security
- 5 years experience developing vulnerability assessment tests with Python or Java.
- 5 years experience improving accuracy of vulnerability detection mechanisms across a diverse technical ecosystem
- 3 years experience troubleshooting networking, operating systems, applications, or cloud services.
- 3 years experience building cloud-based services
Preferred Qualifications
- Experience with AWS products and services
- Experience with any combination of the following: threat modeling, secure coding, identity management and authentication, software development, cryptography, system administration and network security
Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon. Please consult our Privacy Notice ( ) to know more about how we collect, use and transfer the personal data of our candidates.
Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region you're applying in isn't listed, please contact your Recruiting Partner.

Description
Embark on a Mission to Fortify Amazon's Defenses as a Support Engineer with the Vulnerability Management & Remediation Operations team!
Amazon Security is seeking an experienced and innovative Support Engineer specialising in cybersecurity to join our Vulnerability Management and Remediation Operations (VMRO) team in London, UK. The VMRO team is a global team that is responsible for assessing, detecting, and driving the remediation of vulnerabilities across the Amazon ecosystem.
Key job responsibilities
- Support vulnerability detection campaigns by working closely with Campaign Owners to launch and continuously improve the quality of campaigns across Amazon.
- Assess and negotiate with customers to drive down security risk by engaging with teams to remediate critical security vulnerabilities in their environments.
- Collaborate with builder teams to implement security fixes and improvements.
- Understand technical details of vulnerabilities affecting Amazon's infrastructure, services, and applications.
- Review and analyse common vulnerability disclosures and assist in evaluating potential impacts.
- Help triage vulnerabilities and contribute to impact and detection logic assessments.
- Contribute to the development of automation of repetitive tasks.
- Actively participate in updating documentation and sharing knowledge across your global peers.
- Participate in an on-call rotation to support continuous monitoring and remediation of vulnerabilities.
If you're excited about the opportunity to make a significant impact on the security of one of the world's largest and most complex technology ecosystems from our London office, we'd love to hear from you!
About the team
Why Amazon Security?
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon's products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.
Inclusive Team Culture
In Amazon Security, it's in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.
Training & Career Growth
We're continuously raising our performance bar as we strive to become Earth's Best Employer. That's why you'll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why we strive for flexibility as part of our working culture. When we feel supported in the workplace and at home, there's nothing we can't achieve.
Mentorship & Career Growth
We're continuously raising our performance bar as we strive to become Earth's Best Employer. That's why you'll find endless knowledge-sharing, mentorship and other career-advancing resources here to help you develop into a better-rounded professional.
Basic Qualifications
- Bachelor's degree in Computer Science, Computer Engineering, Software Engineering, Cybersecurity or related technical degree or equivalent; or 3+ years equivalent technology experience
- Strong understanding of security concepts with a security mindset.
- Strong understanding of computer and network weaknesses and mitigating controls.
- Strong ability to understand risk and prioritisation in the context of the business.
- Ability to communicate effectively within technical and business settings.
- Ability to document learnings and contribute to knowledge sharing and runbook building.
- Experience with secure-cloud configuration, (CloudTrail, AWS Config), cloud-security technologies (VPC, Security Groups, WAF etc.), and cloud-permission systems (IAM).
- Experience with identity and access concepts, with technologies to secure production and corporate access, (SSO, SAML) and with Federated Identity, RBAC, authentication and authorisation solution, encryption, SSL, and related.
Preferred Qualifications
- 2+ years of experience in fields such a Security Operations, technology audit, or security vulnerability lifecycle.
- Ability to prioritise multiple tasks and projects.
- Have a passion to learn and thrive in a dynamic and constantly changing environment.
- Experience with virtualisation technologies, especially with AWS services.
- Relevant industry certifications such as CISSP, SANS, ISC2, CompTia, etc.
- Maturity, judgment, negotiation/influence skills, analytical skills, and leadership skills.
- Demonstrated knowledge of web protocols, common attacks, and working knowledge of Linux/Unix tools and architecture.
- Understanding of best practices across multiple security disciplines/domains.
- Demonstrated ability to work autonomously with a Bias for Action, critical and creative thinking.
- Demonstrated ability to collaborate, develop partnerships, and work effectively as a member of a global, inclusive team.
Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon. Please consult our Privacy Notice ( ) to know more about how we collect, use and transfer the personal data of our candidates.
Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region you're applying in isn't listed, please contact your Recruiting Partner.

Description
Embark on a Mission to Fortify Amazon's Defenses as a Support Engineer with the Vulnerability Management & Remediation Operations team!
Amazon Security is seeking an experienced and innovative Support Engineer specialising in cybersecurity to join our Vulnerability Management and Remediation Operations (VMRO) team in London, UK. The VMRO team is a global team that is responsible for assessing, detecting, and driving the remediation of vulnerabilities across the Amazon ecosystem.
Key job responsibilities
- Support vulnerability detection campaigns by working closely with Campaign Owners to launch and continuously improve the quality of campaigns across Amazon.
- Assess and negotiate with customers to drive down security risk by engaging with teams to remediate critical security vulnerabilities in their environments.
- Collaborate with builder teams to implement security fixes and improvements.
- Understand technical details of vulnerabilities affecting Amazon's infrastructure, services, and applications.
- Review and analyse common vulnerability disclosures and assist in evaluating potential impacts.
- Help triage vulnerabilities and contribute to impact and detection logic assessments.
- Contribute to the development of automation of repetitive tasks.
- Actively participate in updating documentation and sharing knowledge across your global peers.
- Participate in an on-call rotation to support continuous monitoring and remediation of vulnerabilities.
Basic Qualifications
- Bachelor's degree in Computer Science, Computer Engineering, Software Engineering, Cybersecurity or related technical degree or equivalent; or 2+ years equivalent technology experience
- Strong understanding of security concepts with a security mindset.
- Strong understanding of computer and network weaknesses and mitigating controls.
- Strong ability to understand risk and prioritisation in the context of the business.
- Ability to communicate effectively within technical and business settings.
- Ability to document learnings and contribute to knowledge sharing and runbook building.
- Experience with secure-cloud configuration, (CloudTrail, AWS Config), cloud-security technologies (VPC, Security Groups, WAF etc.), and cloud-permission systems (IAM).
- Experience with identity and access concepts, with technologies to secure production and corporate access, (SSO, SAML) and with Federated Identity, RBAC, authentication and authorisation solution, encryption, SSL, and related.
Preferred Qualifications
- 1+ year's of experience in fields such a Security Operations, technology audit, or security vulnerability lifecycle.
- Ability to prioritise multiple tasks and projects.
- Have a passion to learn and thrive in a dynamic and constantly changing environment.
- Experience with virtualisation technologies, especially with AWS services.
- Relevant industry certifications such as CISSP, SANS, ISC2, CompTia, etc.
- Maturity, judgment, negotiation/influence skills, analytical skills, and leadership skills.
- Demonstrated knowledge of web protocols, common attacks, and working knowledge of Linux/Unix tools and architecture.
- Understanding of best practices across multiple security disciplines/domains.
- Demonstrated ability to work autonomously with a Bias for Action, critical and creative thinking.
- Demonstrated ability to collaborate, develop partnerships, and work effectively as a member of a global, inclusive team.
Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon. Please consult our Privacy Notice ( ) to know more about how we collect, use and transfer the personal data of our candidates.
Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region you're applying in isn't listed, please contact your Recruiting Partner.

Description
Embark on a Mission to Fortify Amazon's Defenses as a Support Engineer with the Vulnerability Management & Remediation Operations team!
Amazon Security is seeking an experienced and innovative Support Engineer specialising in cybersecurity to join our Vulnerability Management and Remediation Operations (VMRO) team in London, UK. The VMRO team is a global team that is responsible for assessing, detecting, and driving the remediation of vulnerabilities across the Amazon ecosystem.
Key job responsibilities
- Support vulnerability detection campaigns by working closely with Campaign Owners to launch and continuously improve the quality of campaigns across Amazon.
- Assess and negotiate with customers to drive down security risk by engaging with teams to remediate critical security vulnerabilities in their environments.
- Collaborate with builder teams to implement security fixes and improvements.
- Understand technical details of vulnerabilities affecting Amazon's infrastructure, services, and applications.
- Review and analyse common vulnerability disclosures and assist in evaluating potential impacts.
- Help triage vulnerabilities and contribute to impact and detection logic assessments.
- Contribute to the development of automation of repetitive tasks.
- Actively participate in updating documentation and sharing knowledge across your global peers.
- Participate in an on-call rotation to support continuous monitoring and remediation of vulnerabilities.
If you're excited about the opportunity to make a significant impact on the security of one of the world's largest and most complex technology ecosystems from our London office, we'd love to hear from you!
About the team
Why Amazon Security?
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon's products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.
Inclusive Team Culture
In Amazon Security, it's in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.
Training & Career Growth
We're continuously raising our performance bar as we strive to become Earth's Best Employer. That's why you'll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why we strive for flexibility as part of our working culture. When we feel supported in the workplace and at home, there's nothing we can't achieve.
Mentorship & Career Growth
We're continuously raising our performance bar as we strive to become Earth's Best Employer. That's why you'll find endless knowledge-sharing, mentorship and other career-advancing resources here to help you develop into a better-rounded professional.
Basic Qualifications
- Bachelor's degree in Computer Science, Computer Engineering, Software Engineering, Cybersecurity or related technical degree or equivalent; or 3+ years equivalent technology experience
- Strong understanding of security concepts with a security mindset.
- Strong understanding of computer and network weaknesses and mitigating controls.
- Strong ability to understand risk and prioritisation in the context of the business.
- Ability to communicate effectively within technical and business settings.
- Ability to document learnings and contribute to knowledge sharing and runbook building.
- Experience with secure-cloud configuration, (CloudTrail, AWS Config), cloud-security technologies (VPC, Security Groups, WAF etc.), and cloud-permission systems (IAM).
- Experience with identity and access concepts, with technologies to secure production and corporate access, (SSO, SAML) and with Federated Identity, RBAC, authentication and authorisation solution, encryption, SSL, and related.
Preferred Qualifications
- 2+ years of experience in fields such a Security Operations, technology audit, or security vulnerability lifecycle.
- Ability to prioritise multiple tasks and projects.
- Have a passion to learn and thrive in a dynamic and constantly changing environment.
- Experience with virtualisation technologies, especially with AWS services.
- Relevant industry certifications such as CISSP, SANS, ISC2, CompTia, etc.
- Maturity, judgment, negotiation/influence skills, analytical skills, and leadership skills.
- Demonstrated knowledge of web protocols, common attacks, and working knowledge of Linux/Unix tools and architecture.
- Understanding of best practices across multiple security disciplines/domains.
- Demonstrated ability to work autonomously with a Bias for Action, critical and creative thinking.
- Demonstrated ability to collaborate, develop partnerships, and work effectively as a member of a global, inclusive team.
Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon. Please consult our Privacy Notice ( ) to know more about how we collect, use and transfer the personal data of our candidates.
Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region you're applying in isn't listed, please contact your Recruiting Partner.

Description
Embark on a Mission to Fortify Amazon's Defenses as a Support Engineer with the Vulnerability Management & Remediation Operations team!
Amazon Security is seeking an experienced and innovative Support Engineer specialising in cybersecurity to join our Vulnerability Management and Remediation Operations (VMRO) team in London, UK. The VMRO team is a global team that is responsible for assessing, detecting, and driving the remediation of vulnerabilities across the Amazon ecosystem.
Key job responsibilities
Support vulnerability detection campaigns by working closely with Campaign Owners to launch and continuously improve the quality of campaigns across Amazon.
Assess and negotiate with customers to drive down security risk by engaging with teams to remediate critical security vulnerabilities in their environments.
Collaborate with builder teams to implement security fixes and improvements.
Understand technical details of vulnerabilities affecting Amazon's infrastructure, services, and applications.
Review and analyse common vulnerability disclosures and assist in evaluating potential impacts.
Help triage vulnerabilities and contribute to impact and detection logic assessments.
Contribute to the development of automation of repetitive tasks.
Actively participate in updating documentation and sharing knowledge across your global peers.
Participate in an on-call rotation to support continuous monitoring and remediation of vulnerabilities.
Basic Qualifications
- Bachelor's degree in Computer Science, Computer Engineering, Software Engineering, Cybersecurity or related technical degree or equivalent; or 2+ years equivalent technology experience
- Strong understanding of security concepts with a security mindset.
- Strong understanding of computer and network weaknesses and mitigating controls.
- Strong ability to understand risk and prioritisation in the context of the business.
- Ability to communicate effectively within technical and business settings.
- Ability to document learnings and contribute to knowledge sharing and runbook building.
- Experience with secure-cloud configuration, (CloudTrail, AWS Config), cloud-security technologies (VPC, Security Groups, WAF etc.), and cloud-permission systems (IAM).
- Experience with identity and access concepts, with technologies to secure production and corporate access, (SSO, SAML) and with Federated Identity, RBAC, authentication and authorisation solution, encryption, SSL, and related.
Preferred Qualifications
- 1+ year's of experience in fields such a Security Operations, technology audit, or security vulnerability lifecycle.
- Ability to prioritise multiple tasks and projects.
- Have a passion to learn and thrive in a dynamic and constantly changing environment.
- Experience with virtualisation technologies, especially with AWS services.
- Relevant industry certifications such as CISSP, SANS, ISC2, CompTia, etc.
- Maturity, judgment, negotiation/influence skills, analytical skills, and leadership skills.
- Demonstrated knowledge of web protocols, common attacks, and working knowledge of Linux/Unix tools and architecture.
- Understanding of best practices across multiple security disciplines/domains.
- Demonstrated ability to work autonomously with a Bias for Action, critical and creative thinking.
- Demonstrated ability to collaborate, develop partnerships, and work effectively as a member of a global, inclusive team.
Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon. Please consult our Privacy Notice ( ) to know more about how we collect, use and transfer the personal data of our candidates.
Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region you're applying in isn't listed, please contact your Recruiting Partner.

**Summary:**
Meta's security team is the central engine driving data and systems security at the company, supporting Meta and all of its family of apps. The security organization is responsible for inhibiting malicious actors from compromising our environment, preventing, detecting and responding to them before they do damage if they do, ensuring we are maintaining the protections we say we will, and engaging with the community to help those outside the company learn from the work we do. We work across all parts of the company, from the corporate infrastructure to production to external services, interfacing with nearly every team in the company.The Security Engineer should have prior experience with security policy, risk, and access management disciplines and be experienced in collaborating with cross-functional teams. This position will be responsible for identifying and enforcing solutions to control access to internal systems. An ideal candidate is someone that has technical knowledge of the broad aspects of information security, and is able to identify deficiencies in the access management space. This role specifically needs conceptual understanding of the IAM concepts that can be applied to our internal IAM solutions. This role requires a broad mix of security, technical, coding and communication skills coupled with a desire to learn.
**Required Skills:**
Security Engineer, Identity and Access Management (IAM) Responsibilities:
1. Directly contribute to experiments, including designing experimental details, authoring reusable code, running evaluations, and organizing results
2. Contribute to publications and open-sourcing efforts
3. Work with a large team
4. Prioritize research that can be applied to Meta's product development
5. Mentor other team members. Play a significant role in healthy cross-functional collaboration
**Minimum Qualifications:**
Minimum Qualifications:
6. Experience in building products in Python/C++/ PHP/Hacklang/React technologies
7. Bachelors degree in Computer Science related field, or equivalent experience
8. Experience building large-scale distributed systems or similar experience
9. 10+ years of software development experience
10. Experience in assessing security deficiencies in first-party/internal information systems and recommending mitigating controls
11. 3+ years of proven experience working on Information Security teams or conducting Information Security consulting engagements
12. Knowledge of evaluating systems architectural designs, data-flow diagrams and technical security implementations, particularly in context of access management in different geographical locations
13. Experience with developing security reporting and recommendations that are meaningful, defensible and actionable for a variety of audiences
14. Skills to manage competing priorities and simultaneous projects in a time-sensitive and productive environment with little supervision
15. Experience in communicating effectively with a broad range of stakeholders, collaborators and clients, at different levels
**Preferred Qualifications:**
Preferred Qualifications:
16. Highly experience in analytical and problem-solving skills, including a basic understanding of data analysis techniques
17. Good grasp of SOX, SOC2, NIST, PCI, ISO, and other security regulations
18. Experience in the IAM domain in a cloud based infrastructure environment
19. Program and project management skills
**Industry:** Internet

**Summary:**
Facebook's security team is the central engine driving data and systems security at the company, supporting Facebook and all of its family of apps. The organization is responsible for preventing malicious actors from compromising our environment, detecting and responding to them before they do damage if they do, ensuring we are maintaining the protections we say we will, and engaging with the community to help those outside the company learn from the work we do. We work across all parts of the company, from the corporate infrastructure to production to external services, interfacing with nearly every team in the company.The Security Engineer should have prior experience with security policy, risk, and access management disciplines and be experienced in collaborating with cross-functional teams. This position will be responsible for identifying and enforcing solutions to control access to internal systems. An ideal candidate is someone that has technical knowledge of the broad aspects of information security, and is able to identify deficiencies in the access management space. This role specifically needs thorough conceptual understanding of the IAM concepts that can be applied to our internal IAM solutions. This role requires a broad mix of security, technical, coding and communication skills coupled with a inherent desire to learn. Some travel may be required.
**Required Skills:**
Security Engineer, Identity and Access Management (IAM) Responsibilities:
1. Design and implement systems that enhance the security of Facebook's Identity & Access Management Systems
2. Build and maintain tools that improve the Identity and Access Management posture at Meta
3. Conduct design and code reviews Analyze and improve efficiency, scalability, and stability for assigned product area and/or systems
4. Identify and drive changes as needed for assigned codebase, product area and/or systems
5. Interface with other teams to incorporate their innovations and vice versa
6. Articulate security findings to internal to a variety of stakeholders, including both technical and non-technical stakeholders
7. Provide defensible recommendations on technical, physical and administrative control implementations based on findings while balancing the cost versus benefits
8. Participate in the development and oversight of corrective actions relating to security issues
9. Participate in cross-functional, team, and status review meetings
10. Recommend process improvement and strategic initiatives as related to security
**Minimum Qualifications:**
Minimum Qualifications:
11. Experience in writing custom scripts in Python/C++ and PHP/Hack
12. BSc in Computer Science related field, or equivalent experience
13. Experience building large-scale distributed systems or similar experience
14. 5+ years of software development experience
15. Experience in assessing security deficiencies in first-party/internal information systems and recommending mitigating controls
16. 5+ years of proven experience working on Information Security teams or conducting Information Security consulting engagements
17. Knowledge of evaluating systems architectural designs, data-flow diagrams and technical security implementations, particularly in context of access management in different geographical locations
18. Experience with developing security reporting and recommendations that are meaningful, defensible and actionable for a variety of audiences
19. Able of managing competing priorities and simultaneous projects in a fast paced environment with little supervision
20. Great communication skills - both written and verbal, interpersonal skills, and able of working cross-functionally with various teams
**Preferred Qualifications:**
Preferred Qualifications:
21. Good grasp of SOX, SOC2, NIST, PCI, ISO, and other security regulations
22. Demonstrated experience in analytical and problem-solving skills, including a basic understanding of data analysis techniques
23. Experience in the IAM domain in a cloud based infrastructure environment
24. Program and project management skills
**Industry:** Internet

**Summary:**
Meta's security team is the central engine driving data and systems security at the company, supporting Meta and all of its family of apps. The org is responsible for inhibiting malicious actors from compromising our environment, detecting and responding to them before they do damage if they do, ensuring we are maintaining the protections we say we will, and engaging with the community to help those outside the company learn from the work we do. We work across all parts of the company, from the corporate infrastructure to production to external services, interfacing with nearly every team in the company.The Security Engineer should have prior experience with security policy, risk, and access management disciplines and be experienced in collaborating with cross-functional teams. This position will be responsible for identifying and enforcing solutions to control access to internal systems, cover broad aspects of information security, and identify deficiencies in the access management space. This role specifically needs conceptual understanding of the IAM concepts that can be applied to our internal IAM solutions. Some travel may be required.
**Required Skills:**
Security Engineer, Identity and Access Management (IAM) Responsibilities:
1. Design and implement systems that enhance the security of Meta's Identity & Access Management Systems
2. Build and maintain tools that improve the Identity and Access Management posture at Meta
3. Conduct design and code reviews Analyze and improve efficiency, scalability, and stability for assigned product area and/or systems
4. Identify and drive changes as needed for assigned codebase, product area and/or systems
5. Interface with other teams to incorporate their innovations and vice versa
6. Articulate security findings to internal to a variety of stakeholders, including both technical and non-technical stakeholders
7. Provide defensible recommendations on technical, physical and administrative control implementations based on findings while balancing the cost versus benefits
8. Participate in the development and oversight of corrective actions relating to security issues
9. Participate in cross-functional, team, and status review meetings
10. Recommend process improvement and strategic initiatives as related to security
**Minimum Qualifications:**
Minimum Qualifications:
11. 2+ years of experience in developing custom scripts in Python/C++ and PHP/Hack
12. MS or PhD (or equivalent) in Computer Science or related field
13. 3+ years of experience in software development experience
14. Experience building large-scale distributed systems or similar experience
15. Experience in assessing security deficiencies in first-party/internal information systems and recommending mitigating controls
16. Knowledge of evaluating systems architectural designs, data-flow diagrams and technical security implementations, particularly in context of access management in different geographical locations
17. Experience with developing security reporting and recommendations that are meaningful, defensible and actionable for a variety of audiences
18. Experienced in managing competing priorities and simultaneous projects in a fast paced environment with little supervision
19. Demonstrated experience in communication skills - both writing and speaking, interpersonal skills, and experienced in working cross-functionally with various teams
**Preferred Qualifications:**
Preferred Qualifications:
20. Practical experience of analytical and problem-solving skills, including a basic understanding of data analysis techniques
21. Program and project management skills
22. Good grasp of SOX, SOC2, NIST, PCI, ISO, and other security regulations
**Industry:** Internet