CrawlJobs Logo

Security Engineer - IR Threat Intelligence

meta.com Logo

Meta

Location Icon

Location:
United States , Bellevue

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

154000.00 - 217000.00 USD / Year
Save Job
Save Icon
Apply Position

Job Description:

Meta Security is looking for a threat intelligence investigator with extensive experience in investigating cyber threats with an intelligence-driven approach. You will be proactively responding to a broad set of security threats, as well as tracking actor groups with an interest or capability to target Meta and its employees. You will also be identifying the gaps in current detections and preventions by long-term intelligence tracking and research, and working with cross-functional stakeholders to improve Meta’s security posture.

Job Responsibility:

  • Track threat clusters posing threats to Meta’s infrastructure and employees, and identify, develop and implement countermeasures on our corporate network
  • Investigate, mitigate, and forecast emerging technical trends and communicate effectively with actionable suggestions to different types of audiences
  • Work closely with incident responders to provide useful and timely intelligence to enrich ongoing investigations
  • Improve the tooling of threat cluster tracking and intelligence data integration to existing systems
  • Engage constructively in cross-functional projects to improve the security posture of Meta’s infrastructure, such as red team operations, surface detection coverage expansion and vulnerability management discussions

Requirements:

  • 5+ years threat intelligence experience
  • Bachelor's degree or equivalent experience in Security
  • Familiarity with campaign tracking techniques and ability to convert the tracking results to long term countermeasures
  • Familiarity with threat modeling framework, such as Diamond Model or/and MITRE ATT&CK framework
  • Experience intelligence-driven hunting to spot suspicious activities in the network and identify potential risks
  • Proven track record of managing and executing on short term and long term projects
  • Ability to work with a team spanning multiple locations/time zones
  • Ability to prioritize and execute tasks with minimal direction or oversight
  • Ability to think critically and qualify assessments with solid communications skills
  • Coding or scripting experience in one or more scripting languages such as Python or PHP

Nice to have:

  • Experience close collaborating with incident responders on incident investigations
  • Familiarity with malware analysis or network traffic analysis
  • Familiarity with nation-state, sophisticated criminal, or supply chain threats
  • Production of file-based or network-based rules and signatures for detection and tracking of complex threats, such as YARA or Snort
  • Experience in one or more query languages such as SQL
  • Experience writing production code for threat intelligence tooling
  • Experience conducting large scale data analysis
  • Experience working across the broader security community
What we offer:
  • bonus
  • equity
  • benefits

Additional Information:

Job Posted:
January 23, 2026

Icon
Meta - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Security Engineer - IR Threat Intelligence

Lead Threat Intelligence Analyst

We are looking for a Lead Threat Intelligence Analyst. In this role, you'll be a...
Location
Location
United States , New York
Salary
Salary:
133900.00 - 198160.00 USD / Year
take2games.com Logo
Take-Two Interactive Software, Inc.
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • At least 5-7 years of experience in cybersecurity
  • Minimum of 3 years in a dedicated threat intelligence role
  • Strong understanding of the cyber threat landscape, including knowledge of threat actor groups, common attack vectors, and malware families
  • Proven ability to analyze complex data from various sources (e.g., open-source intelligence, dark web forums, technical reports) to form a cohesive threat picture
  • Familiarity with common threat intelligence frameworks like MITRE ATT&CK, the Cyber Kill Chain, and Diamond Model
  • Excellent written and verbal communication skills, with the ability to present technical information clearly to both technical and non-technical audiences
  • Experience with threat intelligence platforms (TIPs), security information and event management (SIEM) systems, and forensic tools
Job Responsibility
Job Responsibility
  • Lead the design, development, and continuous improvement of the organization’s cyber threat intelligence (CTI) program
  • Perform deep-dives into cyber threats, including analyzing malware, understanding adversary tactics, techniques, and procedures (TTPs), and tracking threat actor groups
  • Create and refine threat models and frameworks to predict and prepare for potential attacks
  • Work with our Global Security Operations Center (GSOC), Detection Engineering, Automation Engineers and Incident Response teams to integrate threat intelligence into our detection and prevention systems
  • Generate timely and high-quality intelligence/Threat Landscape reports, risk forecasts and alerts for technical and executive audiences
  • Promote automation of indicator ingestion, correlation, and dissemination across GSOC, Automation and IR platforms
  • Define and track key performance indicators (KPIs) for the threat intelligence program
  • Conduct periodic maturity assessments of the threat intelligence function
  • Provide guidance and mentorship to junior analysts
What we offer
What we offer
  • Medical (HSA & FSA)
  • dental
  • vision
  • 401(k) with company match
  • employee stock purchase plan
  • commuter benefits
  • in-house wellness program
  • broad learning & development opportunities
  • a charitable giving platform with company match
  • Fitness allowance
  • Fulltime
Read More
Arrow Right

Lead Threat Intelligence Analyst

We are looking for a Lead Threat Intelligence Analyst. In this role, you'll be a...
Location
Location
Canada , Toronto
Salary
Salary:
Not provided
take2games.com Logo
Take-Two Interactive Software, Inc.
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • At least 5-7 years of experience in cybersecurity
  • Minimum of 3 years in a dedicated threat intelligence role
  • Strong understanding of the cyber threat landscape, including knowledge of threat actor groups, common attack vectors, and malware families
  • Proven ability to analyze complex data from various sources
  • Familiarity with common threat intelligence frameworks like MITRE ATT&CK, the Cyber Kill Chain, and Diamond Model
  • Excellent written and verbal communication skills
  • Experience with threat intelligence platforms (TIPs), security information and event management (SIEM) systems, and forensic tools
Job Responsibility
Job Responsibility
  • Lead the design, development, and continuous improvement of the organization’s cyber threat intelligence (CTI) program
  • Perform deep-dives into cyber threats, including analyzing malware, understanding adversary tactics, techniques, and procedures (TTPs), and tracking threat actor groups
  • Create and refine threat models and frameworks to predict and prepare for potential attacks
  • Work with our Global Security Operations Center (GSOC), Detection Engineering, Automation Engineers and Incident Response teams to integrate threat intelligence into our detection and prevention systems
  • Generate timely and high-quality intelligence/Threat Landscape reports, risk forecasts and alerts for technical and executive audiences
  • Promote automation of indicator ingestion, correlation, and dissemination across GSOC, Automation and IR platforms
  • Define and track key performance indicators (KPIs) for the threat intelligence program
  • Conduct periodic maturity assessments of the threat intelligence function
  • Provide guidance and mentorship to junior analysts
What we offer
What we offer
  • Medical (HSA & FSA), dental, vision
  • 401(k) with company match
  • Employee stock purchase plan
  • Commuter benefits
  • In-house wellness program
  • Broad learning & development opportunities
  • A charitable giving platform with company match
  • Fitness allowance
  • Employee discount programs
  • Free games & events
  • Fulltime
Read More
Arrow Right

Lead Threat Intelligence Analyst

We are looking for a Lead Threat Intelligence Analyst. In this role, you'll be a...
Location
Location
United States , Las Vegas
Salary
Salary:
Not provided
take2games.com Logo
Take-Two Interactive Software, Inc.
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • At least 5-7 years of experience in cybersecurity
  • Minimum of 3 years in a dedicated threat intelligence role
  • Strong understanding of the cyber threat landscape, including knowledge of threat actor groups, common attack vectors, and malware families
  • Proven ability to analyze complex data from various sources
  • Familiarity with common threat intelligence frameworks like MITRE ATT&CK, the Cyber Kill Chain, and Diamond Model
  • Excellent written and verbal communication skills
  • Experience with threat intelligence platforms (TIPs), security information and event management (SIEM) systems, and forensic tools
Job Responsibility
Job Responsibility
  • Lead the design, development, and continuous improvement of the organization’s cyber threat intelligence (CTI) program
  • Perform deep-dives into cyber threats, including analyzing malware, understanding adversary tactics, techniques, and procedures (TTPs), and tracking threat actor groups
  • Create and refine threat models and frameworks to predict and prepare for potential attacks
  • Work with our Global Security Operations Center (GSOC), Detection Engineering, Automation Engineers and Incident Response teams to integrate threat intelligence into our detection and prevention systems
  • Generate timely and high-quality intelligence/Threat Landscape reports, risk forecasts and alerts for technical and executive audiences
  • Promote automation of indicator ingestion, correlation, and dissemination across GSOC, Automation and IR platforms
  • Define and track key performance indicators (KPIs) for the threat intelligence program
  • Conduct periodic maturity assessments of the threat intelligence function
  • Provide guidance and mentorship to junior analysts
What we offer
What we offer
  • Medical (HSA & FSA)
  • dental
  • vision
  • 401(k) with company match
  • employee stock purchase plan
  • commuter benefits
  • in-house wellness program
  • broad learning & development opportunities
  • a charitable giving platform with company match
  • Fitness allowance
  • Fulltime
Read More
Arrow Right

Sr. Cybersecurity Incident Response Analyst

Blue Yonder, a leading supply chain software company, is seeking a Sr Cybersecur...
Location
Location
Mexico , Monterrey; Mexico City
Salary
Salary:
Not provided
blueyonder.com Logo
Blue Yonder
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Computer Science, Information Security, or related equivalent experience
  • 5+ years of experience in information security or cybersecurity as an analyst, engineer or consultant
  • MUST have experience with incident response methodologies and tools (e.g. SANS IR, EDR, SIEM, Threat Intelligence, etc.)
  • Strong technical skills and attention to detail
  • Excellent verbal and written communication skills
  • Ability to work independently and as part of a team
  • Ability to work under pressure and in a fast-paced environment
  • Strong problem-solving skills and a proactive approach to work
  • Knowledge of security frameworks such as NIST and ISO 27001
  • Familiarity with security regulations and standards (e.g. PCI DSS, HIPAA, etc.)
Job Responsibility
Job Responsibility
  • Monitor and Analyze Security Alerts – Review alerts generated by security systems, appliances, and logs to determine the appropriate course of action to protect the enterprise and reduce overall risk
  • Incident Triage and Response – Quickly assess, prioritize, and respond to security incidents, ensuring timely containment, eradication, and recovery to minimize business impact
  • Root Cause Analysis (RCA) – Investigate security incidents to determine root causes, attack vectors, and vulnerabilities, providing recommendations to reduce the attack surface and prevent recurrence
  • Threat Hunting and Proactive Defense – Conduct proactive threat-hunting activities based on intelligence, anomalies, and adversary tactics to identify and mitigate threats before they escalate
  • Collaboration with Cross-Functional Teams – Work closely with IT, engineering, legal, compliance, and other teams to coordinate incident response efforts and ensure an effective security posture
  • Incident Documentation and Reporting – Maintain detailed documentation of security incidents, response actions, and lessons learned, ensuring continuous improvement in security processes
  • Develop and Improve Incident Response Playbooks – Enhance and maintain incident response procedures, ensuring alignment with industry best practices and emerging threats
  • Security Awareness and Training – Provide guidance, training, and mentorship to SOC analysts and IT staff on security threats, incident handling, and response best practices
  • Threat Intelligence Integration – Leverage threat intelligence sources to stay informed on evolving cyber threats and proactively adjust security strategies to defend against them
  • Fulltime
Read More
Arrow Right

Senior Security Engineer – Threat Detection & Response

Sigma is seeking a Senior Security Engineer- Detection & Response (Threat-Inform...
Location
Location
United States , New York City
Salary
Salary:
210000.00 - 240000.00 USD / Year
sigmacomputing.com Logo
Sigma Computing
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum 7+ years in security with at least 5+ years deeply focused on detection engineering, incident response, or threat hunting in cloud-native environments and a track record of working in fast paced SaaS environments,moving organizations from reactive IR to threat-informed defense
  • Bachelor’s or Master’s degree in Computer Science, Cyber Security, or a related field
  • Hands-on proficiency in securing AWS/GCP/Azure + modern Identity Stack, including experience with Kubernetes security and Terraform/IaC
  • Strong coding ability to build automations, security pipeline, detection as code etc
  • Deep understanding of cloud IAM attack paths, token/session abuse, API threats, and data exfiltration patterns, CI/CD for detections
  • Experience designing and operating telemetry pipelines (normalization, correlation, data quality, schema strategy)
  • Strong incident response leadership for high-severity events in production environments
  • Deep familiarity with threat intelligence frameworks (MITRE ATT&CK) and the ability to convert raw intel into actionable detection/prevention strategies
  • Proven experience running incident response tests, breach and attack simulations (BAS), or red/blue team exercises
  • Deep expertise in security tooling across SIEM, EDR, CNAPP, WAF, CASB, and Data Security platforms and judgment to know when to buy vs build
Job Responsibility
Job Responsibility
  • Adversary Response Planning: Develop and maintain a comprehensive adversary response strategy, mapping organizational risks to specific threat actor TTPs (Tactics, Techniques, and Procedures)
  • Cross-Functional Leadership: Act as a Subject Matter Expert to Infrastructure, Engineering, and security teams. Guide these partners in implementing proactive security controls, ensuring that security is 'baked in' to the development lifecycle and corporate infrastructure
  • Proactive Threat Modeling: Lead and build collaborative threat modeling sessions for new products and infrastructure, helping cloud platform, Engineering and IT identify and neutralize architectural weaknesses before deployment
  • Continuous Detection Engineering: Build, tune, and constantly update a library of high-fidelity detections. You will ensure our alerting logic evolves in lockstep with new exploitation techniques and industry benchmarks
  • Industry Alignment: Monitor the evolving security landscape (e.g., CISA advisories, new MITRE techniques) to ensure Sigma remains at the forefront of industry-standard security controls
  • Resilience Testing & Training: Design and lead cross-functional Incident Response simulations and tabletop exercises. Use these sessions to educate non-security teams on their roles during a crisis and to identify gaps in our defense-in-depth strategy
  • Advanced Incident Management: Lead the full lifecycle of high-severity security incidents, acting as the primary SME for containment and eradication while managing communication with executive leadership
  • Automation & Orchestration: Architect SOAR workflows to ensure common adversary techniques are met with immediate, automated remediation, reducing the manual burden on IT and Ops
What we offer
What we offer
  • Equity
  • Generous health benefits
  • Flexible time off policy. Take the time off you need!
  • Paid bonding time for all new parents
  • Traditional and Roth 401k
  • Commuter and FSA benefits
  • Lunch Program
  • Dog friendly office
  • Fulltime
Read More
Arrow Right

Senior Security Researcher

Microsoft Defender Experts provides expert-led services that help organizations ...
Location
Location
India , Hyderabad
Salary
Salary:
Not provided
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Graduate degree in engineering or equivalent discipline
  • 7–15 years of experience in cybersecurity (SOC, IR, Threat Hunting, Red Team)
  • Hands-on experience with SIEM, EDR, and cloud-native security tools (Microsoft XDR, Sentinel, CrowdStrike, etc.)
  • Good experience with at least one cloud platform (Azure, AWS, GCP) and its associated security services and configurations
  • Proficiency in KQL, Python, or similar scripting languages for data analysis and automation
  • Strong knowledge of MITRE ATT&CK, Cyber Kill Chain, and adversary TTPs
  • Familiarity with operating system internals (Windows, Linux) and endpoint/network forensics
Job Responsibility
Job Responsibility
  • Monitor, triage, and respond to security incidents using alerts and incidents from Microsoft Defender products (MDE, MDI, MDO, MDA, MDC, Sentinel etc.)
  • Perform proactive threat hunting using hypothesis, and telemetry from endpoints, identities, cloud and network
  • Develop hunting queries using Kusto Query Language (KQL) or similar to uncover suspicious patterns and behaviours
  • Investigate security incidents across hybrid environments and contribute to root cause analysis and containment strategies
  • Collaborate with internal teams (defender, threat intelligence, engineering) to enhance detection logic, develop automations, and improve incident response workflows
  • Contribute to incident documentation, detection playbooks, and operational runbooks
  • Stay current with evolving threat landscapes, cloud attack vectors, and advanced persistent threats (APT)
  • Develop necessary automation (e.g. using Jupyter Notebooks) to scale Threat Hunting
  • Fulltime
Read More
Arrow Right

Senior Security Engineer – Cloud & Data Security

We are hiring a Senior, hands-on Cloud Security Engineer to secure a large-scale...
Location
Location
United States , New York
Salary
Salary:
210000.00 - 240000.00 USD / Year
sigmacomputing.com Logo
Sigma Computing
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum 7+ years in Security roles with at least 5+ years focused on Cloud security engineering,IAM, and Data security
  • Bachelor’s or Master’s degree in Computer Science, Cyber Security, or a related field
  • Deep technical expertise in cloud architectures AWS/Azure/GCP
  • including IAM, networking (VPCs, security groups, PrivateLink), and native security services is strongly desired
  • Strong infrastructure-as-code skills—you write Terraform professionally, not just read it
  • Advanced understanding and experience with container security, Kubernetes, and secure CI/CD pipeline design
  • Proven ability to demonstrate incident response experience specifically related to cloud-based malicious activity and breach remediation
  • Advanced Cloud IAM expertise: federation, SSO, PAM/JIT access, service identities, and least privilege design
  • Strong background in cloud network security (segmentation, private connectivity, egress controls, WAF)
  • Strong proficiency in scripting languages (e.g., Python, Go, PowerShell) for automation, data analysis, and security tooling development
Job Responsibility
Job Responsibility
  • Architectural Leadership: Partner deeply with infrastructure and engineering teams to embed security into development workflows, leading high-level technical discussions to guide security efforts and strategic priorities
  • Multi-Cloud Engineering: Design, implement, and continuously improve Sigma Cloud Security across AWS, GCP, and Azure environments with architect-level technical depth
  • Threat Modeling & IR: Conduct cloud threat modeling and demonstrate hands-on experience in Cloud Incident Response, including investigating and remediating malicious activity within cloud environments
  • Identity & Access: Build IAM and privileged access strategy (RBAC/ABAC, federation, least privilege, cross-account access), eliminating standing privilege and long-lived credentials. Develop and enforce IAM best practices, including zero-trust models and privileged access controls across IaaS and SaaS
  • Drive cloud data security controls including classification, encryption/KMS, masking/tokenization, access governance, retention/deletion, and exfiltration risk reduction across APIs and data pipelines
  • Develop automated remediation workflows for recurring cloud misconfigurations, drift, and policy violations to reduce manual effort and response time
  • Security Stack Management: Deploy and manage cloud-native services (CSPM, CNAPP, DSPM, SIEM, DLP, WAF, Kubernetes, and container security)
  • Network Defense: Review and apply zero-trust principles through strict network segmentation, authentication, and authorization
  • Automation: Develop sophisticated signatures/rules for cloud security and automate detection and response workflows
  • AI : Use AI securely and effectively to scale security practices and improve team efficiency
What we offer
What we offer
  • Equity
  • Generous health benefits
  • Flexible time off policy
  • Paid bonding time for all new parents
  • Traditional and Roth 401k
  • Commuter and FSA benefits
  • Lunch Program
  • Dog friendly office
  • Fulltime
Read More
Arrow Right

Senior/Staff Threat Detection Engineer

We're looking for an experienced and highly motivated Senior or Staff Threat Det...
Location
Location
United States , San Francisco
Salary
Salary:
214200.00 - 252000.00 USD / Year
abridge.com Logo
Abridge
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 9+ years in Detection Engineering, Incident Response, Advisory Emulation, Offensive Security and/or Threat Intelligence
  • Experience in high-growth environments where you've scaled security capabilities alongside rapid organizational expansion, managing evolving threat landscapes and increasing complexity
  • Exceptional communicator who can influence technical strategy across all organizational levels, from engineers to executive leadership
  • Proven track record leading critical, multi-week incident response efforts and driving post-incident strategic improvements
  • Deep technical expertise with demonstrated ability to architect scalable security systems and drive innovation in detection capabilities
  • History of moving forward ambiguous, organization-wide initiatives through influence, technical vision, and cross-functional collaboration
  • Expert-level knowledge of attacker tactics, techniques, and procedures across multiple threat actor groups
  • Systems thinker who navigates complexity pragmatically while building toward elegant, maintainable solutions
  • Strong experience with cloud security architecture and building production-grade automation and tooling
  • Strong scripting skills in multiple scripting/programming languages (Python, Go, etc.)
Job Responsibility
Job Responsibility
  • Leading investigations of complex, organization-wide security events and establishing best practices across multiple security domains (log analysis, digital forensics, malware analysis)
  • Designing and implementing the strategic roadmap for threat detection capabilities, creating high-fidelity detection systems based on deep understanding of advanced threat actor TTPs
  • Architecting scalable incident response processes and driving automation across the entire IR lifecycle, establishing patterns for the organization
  • Serving as incident commander for critical, cross-organizational security incidents and mentoring others in effective incident management practices
  • Driving security research initiatives, discovering novel detection mechanisms and presenting findings to internal teams, executive leadership, and external audiences
  • Defining build-vs-buy strategies for security tooling, leading major technical evaluations and driving organizational standards for security automation
  • Scaling the security team's capabilities and maturity through technical leadership, mentorship, establishing engineering best practices, and raising the hiring bar
What we offer
What we offer
  • Generous Time Off: 14 paid holidays, flexible PTO for salaried employees, and accrued time off for hourly employees
  • Comprehensive Health Plans: Medical, Dental, and Vision coverage for all full-time employees and their families
  • Generous HSA Contribution: If you choose a High Deductible Health Plan, Abridge makes monthly contributions to your HSA
  • Paid Parental Leave: Generous paid parental leave for all full-time employees
  • Family Forming Benefits: Resources and financial support to help you build your family
  • 401(k) Matching: Contribution matching to help invest in your future
  • Personal Device Allowance: Tax free funds for personal device usage
  • Pre-tax Benefits: Access to Flexible Spending Accounts (FSA) and Commuter Benefits
  • Lifestyle Wallet: Monthly contributions for fitness, professional development, coworking, and more
  • Mental Health Support: Dedicated access to therapy and coaching to help you reach your goals
  • Fulltime
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy