<- All Jobs
Security Engineer, Identity and Access Management (IAM)
Meta's security team is the central engine driving data and systems security at the company, supporting Meta and all of its family of apps. The org is responsible for inhibiting malicious actors from compromising our environment, detecting and responding to them before they do damage if they do, ensuring we are maintaining the protections we say we will, and engaging with the community to help those outside the company learn from the work we do. We work across all parts of the company, from the corporate infrastructure to production to external services, interfacing with nearly every team in the company.
The Security Engineer should have prior experience with security policy, risk, and access management disciplines and be experienced in collaborating with cross-functional teams. This position will be responsible for identifying and enforcing solutions to control access to internal systems, cover broad aspects of information security, and identify deficiencies in the access management space. This role specifically needs conceptual understanding of the IAM concepts that can be applied to our internal IAM solutions.
Some travel may be required.Security Engineer, Identity and Access Management (IAM) Responsibilities
Equal Employment Opportunity Meta is proud to be an Equal Employment Opportunity employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, genetic information, political views or activity, or other applicable legally protected characteristics. You may view our Equal Employment Opportunity notice here.
Meta is committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or an accommodation due to a disability, fill out the Accommodations request form.
The Security Engineer should have prior experience with security policy, risk, and access management disciplines and be experienced in collaborating with cross-functional teams. This position will be responsible for identifying and enforcing solutions to control access to internal systems, cover broad aspects of information security, and identify deficiencies in the access management space. This role specifically needs conceptual understanding of the IAM concepts that can be applied to our internal IAM solutions.
Some travel may be required.Security Engineer, Identity and Access Management (IAM) Responsibilities
- Design and implement systems that enhance the security of Meta鈥檚 Identity & Access Management Systems
- Build and maintain tools that improve the Identity and Access Management posture at Meta.
- Conduct design and code reviews Analyze and improve efficiency, scalability, and stability for assigned product area and/or systems
- Identify and drive changes as needed for assigned codebase, product area and/or systems
- Interface with other teams to incorporate their innovations and vice versa
- Articulate security findings to internal to a variety of stakeholders, including both technical and non-technical stakeholders
- Provide defensible recommendations on technical, physical and administrative control implementations based on findings while balancing the cost versus benefits
- Participate in the development and oversight of corrective actions relating to security issues
- Participate in cross-functional, team, and status review meetings
- Recommend process improvement and strategic initiatives as related to security
- 2+ years of experience in developing custom scripts in Python/C++ and PHP/Hack
- MS or PhD (or equivalent) in Computer Science or related field
- 3+ years of experience in software development experience
- Experience building large-scale distributed systems or similar experience
- Experience in assessing security deficiencies in first-party/internal information systems and recommending mitigating controls
- Knowledge of evaluating systems architectural designs, data-flow diagrams and technical security implementations, particularly in context of access management in different geographical locations
- Experience with developing security reporting and recommendations that are meaningful, defensible and actionable for a variety of audiences
- Experienced in managing competing priorities and simultaneous projects in a fast paced environment with little supervision
- Demonstrated experience in communication skills - both writing and speaking, interpersonal skills, and experienced in working cross-functionally with various teams
- Program and project management skills
- Good grasp of SOX, SOC2, NIST, PCI, ISO, and other security regulations
- Practical experience of analytical and problem-solving skills, including a basic understanding of data analysis techniques
Equal Employment Opportunity Meta is proud to be an Equal Employment Opportunity employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, genetic information, political views or activity, or other applicable legally protected characteristics. You may view our Equal Employment Opportunity notice here.
Meta is committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or an accommodation due to a disability, fill out the Accommodations request form.