Facebook Privacy Engineer, Red Team in Topeka, Kansas
Facebook's mission is to give people the power to build community and bring the world closer together. Through our family of apps and services, we're building a different kind of company that connects billions of people around the world, gives them ways to share what matters most to them, and helps bring people closer together. Whether we're creating new products or helping a small business expand its reach, people at Facebook are builders at heart. Our global teams are constantly iterating, solving problems, and working together to empower people around the world to build community and connect in meaningful ways. Together, we can help people build stronger communities - we're just getting started.
Facebook's Privacy Engineering organization is seeking a passionate engineer that can deliver technical expertise for our Privacy Red Team, and execute privacy-focused technical assessments across our products and services. Your skills will improve Facebook’s privacy posture and ensure Facebook is living up to its commitments by finding inappropriate access to data before anyone else does. Candidates are expected to scope, prepare and deliver goal-oriented assessments that positively benefit our prevention, detection and response capabilities. This role requires constructively driving post-assessment remediation activities.
Conduct technical assessments focused on finding privacy issues in internal and external facing systems, products and services
Document and catalog privacy issues discovered during assessments
Research new and novel tactics, techniques, and procedures that may be used to gain inappropriate access to user data
Build tooling to automate portions of assessments
2+ years work experience in a role coding in Python, PHP, Java, C/C++ (or equivalent language) including code maintenance and review
2+ years experience in either Red Teaming, Penetration Testing, Vulnerability Research, or Application Security (conducting security reviews)
Knowledge and understanding of attack surfaces for products and services
Knowledge and understanding of threat modeling
Experience translating technical concepts into language that is understood by software engineers, business and technical leaders
Experience implementing or assessing the implementation of GDPR, CCPA, or equivalent privacy regulation
Experience making contributions to the security or privacy community, such as public research, blogging, presentations, bug bounties, CVEs, etc.
B.S. or M.S. in Computer Science
Equal Opportunity: Facebook is proud to be an Equal Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Facebook is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at firstname.lastname@example.org.