
Security Engineer - IR Threat Intelligence

United States, Bellevue · 154000.00 - 217000.00 USD / Year · Job Posted January 23, 2026

Job Description

Meta Security is looking for a threat intelligence investigator with extensive experience in investigating cyber threats with an intelligence-driven approach. You will be proactively responding to a broad set of security threats, as well as tracking actor groups with an interest or capability to target Meta and its employees. You will also be identifying the gaps in current detections and preventions by long-term intelligence tracking and research, and working with cross-functional stakeholders to improve Meta’s security posture.

Job Responsibility

  • Track threat clusters posing threats to Meta’s infrastructure and employees, and identify, develop and implement countermeasures on our corporate network
  • Investigate, mitigate, and forecast emerging technical trends and communicate effectively with actionable suggestions to different types of audiences
  • Work closely with incident responders to provide useful and timely intelligence to enrich ongoing investigations
  • Improve the tooling of threat cluster tracking and intelligence data integration to existing systems
  • Engage constructively in cross-functional projects to improve the security posture of Meta’s infrastructure, such as red team operations, surface detection coverage expansion and vulnerability management discussions

Requirements

  • 5+ years threat intelligence experience
  • Bachelor's degree or equivalent experience in Security
  • Familiarity with campaign tracking techniques and ability to convert the tracking results to long-term countermeasures
  • Familiarity with threat modeling frameworks, such as the Diamond Model and/or the MITRE ATT&CK framework
  • Experience with intelligence-driven hunting to spot suspicious activities in the network and identify potential risks
  • Proven track record of managing and executing on short-term and long-term projects
  • Ability to work with a team spanning multiple locations/time zones
  • Ability to prioritize and execute tasks with minimal direction or oversight
  • Ability to think critically and qualify assessments with solid communications skills
  • Coding or scripting experience in one or more scripting languages such as Python or PHP

Nice to have

  • Experience collaborating closely with incident responders on incident investigations
  • Familiarity with malware analysis or network traffic analysis
  • Familiarity with nation-state, sophisticated criminal, or supply chain threats
  • Production of file-based or network-based rules and signatures for detection and tracking of complex threats, such as YARA or Snort
  • Experience in one or more query languages such as SQL
  • Experience writing production code for threat intelligence tooling
  • Experience conducting large scale data analysis
  • Experience working across the broader security community

What we offer

  • bonus
  • equity
  • benefits


Similar Jobs for

Security Engineer - IR Threat Intelligence

8 matching positions

Defensive Security Engineer (IR)

As the Defensive Security Engineer, you will be part of the company’s Incident R...
Location: Spain, Barcelona
Salary: Not provided
Company: Adevinta
Expiration Date: Until further notice
Requirements
  • An experienced security analyst with the mentioned solutions and resolving security incidents in large enterprise environments
  • You are familiar with Incident Management At Google (IMAG)
  • Structured, analytical, autonomous and proactive persona
  • Familiar with the Agile methodology
  • Experience with security frameworks and methodologies such as MITRE ATT&CK, ENISA or NIST
  • You have a hacker and an open mindset
  • You have software development skills
  • You have a good understanding of AWS Cloud technologies, services, security capabilities, and controls such as SCPs, Security Groups, IAM, etc
  • You understand SDLC (coding and development) with modern tooling and ecosystems such as Kubernetes, Github, Github Action, infrastructure as code, etc
  • You have excellent knowledge of security for networks, protocols, systems and applications
Job Responsibility
  • Contribute to the Incident Response (IR) team’s efforts by fostering a culture of proactive defence and continuous improvement through active participation in response processes and initiatives
  • Actively participate in the incident response lifecycle, including preparation, detection, analysis, containment, eradication, recovery and learning, ensuring timely and effective responses to potential threats
  • Support the development and refinement of incident response policies, playbooks, escalation procedures, and tabletop exercises
  • Contribute to post-mortem analyses to improve incident detection and response capabilities continuously
  • Work closely with other relevant teams and roles, such as the DPO, Privacy, Global Incident Teams, the rest of the InfoSec teams, and E&C
  • Assist in managing the external MSSP by ensuring alignment with organisational policies, standards, and expectations regarding service quality
  • Collaborate with the SOC team to monitor and assess the performance of security monitoring, triage, and alerting processes
  • Participate in the operations and enhance the control of defensive security technologies, including EDR, SIEM, DLP, NIDS, and threat intelligence solutions
  • Gather, analyse, and operationalise threat intelligence information to enhance detection, response, and prevention efforts
  • Collaborate to prepare periodic reports and collaborate with cross-functional teams to share valuable insights gained from alerts and incidents
What we offer
  • An attractive Base Salary
  • Participation in our Short Term Incentive plan (annual bonus)
  • Work From Anywhere: Enjoy up to 20 days a year of working from anywhere
  • A 24/7 Employee Assistance Program for you and your family
  • A collaborative environment with an opportunity to explore your potential and grow
  • A range of locally relevant benefits
  • Fulltime

Information Security Engineer – Cyber Threat Detection & Response

Ryanair Labs are currently recruiting for a Information Security Engineer – Cybe...
Location: Poland, Wroclaw
Salary: Not provided
Company: Ryanair - Europe's Favourite Airline
Expiration Date: Until further notice
Requirements
  • 6+ years in SOC, IR, or threat detection roles
  • Hands-on experience with SIEM (e.g., Microsoft Sentinel, Splunk), EDR (e.g., Defender, CrowdStrike)
  • Experience with Azure/AWS cloud security logs and detection use cases
  • Practical knowledge of MITRE ATT&CK
  • Ability to produce meaningful metrics and dashboards (e.g., Sentinel Workbooks, Power BI, Kibana)
  • Strong scripting skills (Python, PowerShell)
  • Clear communication skills across technical and non-technical stakeholders
Job Responsibility
  • Develop and tune threat detection rules across SIEM, EDR, and cloud environments
  • Lead containment, eradication, and recovery efforts for cyber incidents
  • Create and maintain dashboards to track KPIs such as MTTD, MTTR, detection coverage, and investigation volume
  • Perform threat hunting based on current threat intelligence and adversary TTPs
  • Automate alert enrichment, triage, and response workflows using SOAR or scripting (Python/PowerShell)
  • Collaborate with IT, cloud, and compliance teams to enhance detection quality and response readiness
  • Contribute to documentation, playbooks, and continuous process improvement
What we offer
  • Contract of employment (permanent after trial period)
  • Hybrid home office (2 days per week from the office, 3 days remote)
  • Discounted and unlimited travel to over 250 destinations
  • Multisport card
  • Private health care
  • Group insurance scheme
  • Possibility to take part in conferences, training and courses
  • Office located in the city center with a view for an Old Market Square
  • Annual events (i.e. St. Patrick’s Day)
  • Regular social meetings
  • Fulltime

Defensive Security Engineer

As the Defensive Security Engineer, you will be part of the company’s Incident R...
Location: Spain, Barcelona
Salary: Not provided
Company: Adevinta
Expiration Date: Until further notice
Requirements
  • An experienced security analyst with the mentioned solutions and resolving security incidents in large enterprise environments
  • Familiar with Incident Management At Google (IMAG)
  • Structured, analytical, autonomous and proactive persona
  • Familiar with the Agile methodology
  • Experience with security frameworks and methodologies such as MITRE ATT&CK, ENISA or NIST
  • You have a hacker and an open mindset
  • You have software development skills
  • You have a good understanding of AWS Cloud technologies, services, security capabilities, and controls such as SCPs, Security Groups, IAM, etc.
  • You understand SDLC (coding and development) with modern tooling and ecosystems such as Kubernetes, Github, Github Action, infrastructure as code, etc.
  • You have excellent knowledge of security for networks, protocols, systems and applications
Job Responsibility
  • Contribute to the Incident Response (IR) team’s efforts by fostering a culture of proactive defence and continuous improvement through active participation in response processes and initiatives
  • Actively participate in the incident response lifecycle, including preparation, detection, analysis, containment, eradication, recovery and learning, ensuring timely and effective responses to potential threats
  • Support the development and refinement of incident response policies, playbooks, escalation procedures, and tabletop exercises
  • Contribute to post-mortem analyses to improve incident detection and response capabilities continuously
  • Work closely with other relevant teams and roles, such as the DPO, Privacy, Global Incident Teams, the rest of the InfoSec teams, and E&C, ensuring effective communication and alignment during incident response efforts
  • Assist in managing the external MSSP by ensuring alignment with organisational policies, standards, and expectations regarding service quality
  • Collaborate with the SOC team to monitor and assess the performance of security monitoring, triage, and alerting processes, contributing to optimising SOC operations and improving efficiency
  • Participate in the operations and enhance the control of defensive security technologies, including EDR, SIEM, DLP, NIDS, and threat intelligence solutions
  • Gather, analyse, and operationalise threat intelligence information to enhance detection, response, and prevention efforts, ensuring timely identification and mitigation of potential threats
  • Collaborate to prepare periodic reports and collaborate with cross-functional teams to share valuable insights gained from alerts and incidents
What we offer
  • An attractive Base Salary
  • Participation in our Short Term Incentive plan (annual bonus)
  • Work From Anywhere: Enjoy up to 20 days a year of working from anywhere
  • A 24/7 Employee Assistance Program for you and your family
  • Fulltime

Lead Threat Intelligence Analyst

We are looking for a Lead Threat Intelligence Analyst. In this role, you'll be a...
Location: Canada, Toronto
Salary: Not provided
Company: Take-Two Interactive Software, Inc.
Expiration Date: Until further notice
Requirements
  • At least 5-7 years of experience in cybersecurity
  • Minimum of 3 years in a dedicated threat intelligence role
  • Strong understanding of the cyber threat landscape, including knowledge of threat actor groups, common attack vectors, and malware families
  • Proven ability to analyze complex data from various sources
  • Familiarity with common threat intelligence frameworks like MITRE ATT&CK, the Cyber Kill Chain, and Diamond Model
  • Excellent written and verbal communication skills
  • Experience with threat intelligence platforms (TIPs), security information and event management (SIEM) systems, and forensic tools
Job Responsibility
  • Lead the design, development, and continuous improvement of the organization’s cyber threat intelligence (CTI) program
  • Perform deep-dives into cyber threats, including analyzing malware, understanding adversary tactics, techniques, and procedures (TTPs), and tracking threat actor groups
  • Create and refine threat models and frameworks to predict and prepare for potential attacks
  • Work with our Global Security Operations Center (GSOC), Detection Engineering, Automation Engineers and Incident Response teams to integrate threat intelligence into our detection and prevention systems
  • Generate timely and high-quality intelligence/Threat Landscape reports, risk forecasts and alerts for technical and executive audiences
  • Promote automation of indicator ingestion, correlation, and dissemination across GSOC, Automation and IR platforms
  • Define and track key performance indicators (KPIs) for the threat intelligence program
  • Conduct periodic maturity assessments of the threat intelligence function
  • Provide guidance and mentorship to junior analysts
What we offer
  • Medical (HSA & FSA), dental, vision
  • 401(k) with company match
  • Employee stock purchase plan
  • Commuter benefits
  • In-house wellness program
  • Broad learning & development opportunities
  • A charitable giving platform with company match
  • Fitness allowance
  • Employee discount programs
  • Free games & events
  • Fulltime

Lead Threat Intelligence Analyst

We are looking for a Lead Threat Intelligence Analyst. In this role, you'll be a...
Location: United States, Las Vegas
Salary: Not provided
Company: Take-Two Interactive Software, Inc.
Expiration Date: Until further notice
Requirements
  • At least 5-7 years of experience in cybersecurity
  • Minimum of 3 years in a dedicated threat intelligence role
  • Strong understanding of the cyber threat landscape, including knowledge of threat actor groups, common attack vectors, and malware families
  • Proven ability to analyze complex data from various sources
  • Familiarity with common threat intelligence frameworks like MITRE ATT&CK, the Cyber Kill Chain, and Diamond Model
  • Excellent written and verbal communication skills
  • Experience with threat intelligence platforms (TIPs), security information and event management (SIEM) systems, and forensic tools
Job Responsibility
  • Lead the design, development, and continuous improvement of the organization’s cyber threat intelligence (CTI) program
  • Perform deep-dives into cyber threats, including analyzing malware, understanding adversary tactics, techniques, and procedures (TTPs), and tracking threat actor groups
  • Create and refine threat models and frameworks to predict and prepare for potential attacks
  • Work with our Global Security Operations Center (GSOC), Detection Engineering, Automation Engineers and Incident Response teams to integrate threat intelligence into our detection and prevention systems
  • Generate timely and high-quality intelligence/Threat Landscape reports, risk forecasts and alerts for technical and executive audiences
  • Promote automation of indicator ingestion, correlation, and dissemination across GSOC, Automation and IR platforms
  • Define and track key performance indicators (KPIs) for the threat intelligence program
  • Conduct periodic maturity assessments of the threat intelligence function
  • Provide guidance and mentorship to junior analysts
What we offer
  • Medical (HSA & FSA)
  • dental
  • vision
  • 401(k) with company match
  • employee stock purchase plan
  • commuter benefits
  • in-house wellness program
  • broad learning & development opportunities
  • a charitable giving platform with company match
  • Fitness allowance
  • Fulltime

Lead Threat Intelligence Analyst

We are looking for a Lead Threat Intelligence Analyst. In this role, you'll be a...
Location: United States, New York
Salary: 133900.00 - 198160.00 USD / Year
Company: Take-Two Interactive Software, Inc.
Expiration Date: Until further notice
Requirements
  • At least 5-7 years of experience in cybersecurity
  • Minimum of 3 years in a dedicated threat intelligence role
  • Strong understanding of the cyber threat landscape, including knowledge of threat actor groups, common attack vectors, and malware families
  • Proven ability to analyze complex data from various sources (e.g., open-source intelligence, dark web forums, technical reports) to form a cohesive threat picture
  • Familiarity with common threat intelligence frameworks like MITRE ATT&CK, the Cyber Kill Chain, and Diamond Model
  • Excellent written and verbal communication skills, with the ability to present technical information clearly to both technical and non-technical audiences
  • Experience with threat intelligence platforms (TIPs), security information and event management (SIEM) systems, and forensic tools
Job Responsibility
  • Lead the design, development, and continuous improvement of the organization’s cyber threat intelligence (CTI) program
  • Perform deep-dives into cyber threats, including analyzing malware, understanding adversary tactics, techniques, and procedures (TTPs), and tracking threat actor groups
  • Create and refine threat models and frameworks to predict and prepare for potential attacks
  • Work with our Global Security Operations Center (GSOC), Detection Engineering, Automation Engineers and Incident Response teams to integrate threat intelligence into our detection and prevention systems
  • Generate timely and high-quality intelligence/Threat Landscape reports, risk forecasts and alerts for technical and executive audiences
  • Promote automation of indicator ingestion, correlation, and dissemination across GSOC, Automation and IR platforms
  • Define and track key performance indicators (KPIs) for the threat intelligence program
  • Conduct periodic maturity assessments of the threat intelligence function
  • Provide guidance and mentorship to junior analysts
What we offer
  • Medical (HSA & FSA)
  • dental
  • vision
  • 401(k) with company match
  • employee stock purchase plan
  • commuter benefits
  • in-house wellness program
  • broad learning & development opportunities
  • a charitable giving platform with company match
  • Fitness allowance
  • Fulltime

Defensive Security Engineer

As the Defensive Security Engineer, you will be part of the company’s Incident R...
Location: Spain, Barcelona
Salary: Not provided
Company: Adevinta
Expiration Date: Until further notice
Requirements
  • An experienced security analyst with the mentioned solutions and resolving security incidents in large enterprise environments
  • Familiar with Incident Management At Google (IMAG)
  • Structured, analytical, autonomous and proactive persona
  • Familiar with the Agile methodology
  • Experience with security frameworks and methodologies such as MITRE ATT&CK, ENISA or NIST
  • You have a hacker and an open mindset
  • You have software development skills
  • You have a good understanding of AWS Cloud technologies, services, security capabilities, and controls such as SCPs, Security Groups, IAM, etc.
  • You understand SDLC (coding and development) with modern tooling and ecosystems such as Kubernetes, Github, Github Action, infrastructure as code, etc.
  • You have excellent knowledge of security for networks, protocols, systems and applications
Job Responsibility
  • Contribute to the Incident Response (IR) team’s efforts by fostering a culture of proactive defence and continuous improvement through active participation in response processes and initiatives
  • Actively participate in the incident response lifecycle, including preparation, detection, analysis, containment, eradication, recovery and learning, ensuring timely and effective responses to potential threats
  • Support the development and refinement of incident response policies, playbooks, escalation procedures, and tabletop exercises
  • Contribute to post-mortem analyses to improve incident detection and response capabilities continuously
  • Work closely with other relevant teams and roles, such as the DPO, Privacy, Global Incident Teams, the rest of the InfoSec teams, and E&C, ensuring effective communication and alignment during incident response efforts
  • Assist in managing the external MSSP by ensuring alignment with organisational policies, standards, and expectations regarding service quality
  • Collaborate with the SOC team to monitor and assess the performance of security monitoring, triage, and alerting processes, contributing to optimising SOC operations and improving efficiency
  • Participate in the operations and enhance the control of defensive security technologies, including EDR, SIEM, DLP, NIDS, and threat intelligence solutions
  • Gather, analyse, and operationalise threat intelligence information to enhance detection, response, and prevention efforts, ensuring timely identification and mitigation of potential threats
  • Collaborate to prepare periodic reports and collaborate with cross-functional teams to share valuable insights gained from alerts and incidents
What we offer
  • An attractive Base Salary
  • Participation in our Short Term Incentive plan (annual bonus)
  • Work From Anywhere: Enjoy up to 20 days a year of working from anywhere
  • A 24/7 Employee Assistance Program for you and your family
  • A range of locally relevant benefits
  • Fulltime

Senior/Staff Threat Detection Engineer

We're looking for an experienced and highly motivated Senior or Staff Threat Det...
Location: United States, San Francisco
Salary: 214200.00 - 252000.00 USD / Year
Company: Abridge
Expiration Date: Until further notice
Requirements
  • 9+ years in Detection Engineering, Incident Response, Advisory Emulation, Offensive Security and/or Threat Intelligence
  • Experience in high-growth environments where you've scaled security capabilities alongside rapid organizational expansion, managing evolving threat landscapes and increasing complexity
  • Exceptional communicator who can influence technical strategy across all organizational levels, from engineers to executive leadership
  • Proven track record leading critical, multi-week incident response efforts and driving post-incident strategic improvements
  • Deep technical expertise with demonstrated ability to architect scalable security systems and drive innovation in detection capabilities
  • History of moving forward ambiguous, organization-wide initiatives through influence, technical vision, and cross-functional collaboration
  • Expert-level knowledge of attacker tactics, techniques, and procedures across multiple threat actor groups
  • Systems thinker who navigates complexity pragmatically while building toward elegant, maintainable solutions
  • Strong experience with cloud security architecture and building production-grade automation and tooling
  • Strong scripting skills in multiple scripting/programming languages (Python, Go, etc.)
Job Responsibility
  • Leading investigations of complex, organization-wide security events and establishing best practices across multiple security domains (log analysis, digital forensics, malware analysis)
  • Designing and implementing the strategic roadmap for threat detection capabilities, creating high-fidelity detection systems based on deep understanding of advanced threat actor TTPs
  • Architecting scalable incident response processes and driving automation across the entire IR lifecycle, establishing patterns for the organization
  • Serving as incident commander for critical, cross-organizational security incidents and mentoring others in effective incident management practices
  • Driving security research initiatives, discovering novel detection mechanisms and presenting findings to internal teams, executive leadership, and external audiences
  • Defining build-vs-buy strategies for security tooling, leading major technical evaluations and driving organizational standards for security automation
  • Scaling the security team's capabilities and maturity through technical leadership, mentorship, establishing engineering best practices, and raising the hiring bar
What we offer
  • Generous Time Off: 14 paid holidays, flexible PTO for salaried employees, and accrued time off for hourly employees
  • Comprehensive Health Plans: Medical, Dental, and Vision coverage for all full-time employees and their families
  • Generous HSA Contribution: If you choose a High Deductible Health Plan, Abridge makes monthly contributions to your HSA
  • Paid Parental Leave: Generous paid parental leave for all full-time employees
  • Family Forming Benefits: Resources and financial support to help you build your family
  • 401(k) Matching: Contribution matching to help invest in your future
  • Personal Device Allowance: Tax free funds for personal device usage
  • Pre-tax Benefits: Access to Flexible Spending Accounts (FSA) and Commuter Benefits
  • Lifestyle Wallet: Monthly contributions for fitness, professional development, coworking, and more
  • Mental Health Support: Dedicated access to therapy and coaching to help you reach your goals
  • Fulltime