Security Engineer - IR Threat Intelligence

Meta

Location:
United States, Bellevue

Contract Type:
Not provided

Salary:

154000.00 - 217000.00 USD / Year

Job Description:

Meta Security is looking for a threat intelligence investigator with extensive experience in investigating cyber threats with an intelligence-driven approach. You will be proactively responding to a broad set of security threats, as well as tracking actor groups with an interest or capability to target Meta and its employees. You will also be identifying the gaps in current detections and preventions by long-term intelligence tracking and research, and working with cross-functional stakeholders to improve Meta’s security posture.

Job Responsibility:

  • Track threat clusters posing threats to Meta’s infrastructure and employees, and identify, develop and implement countermeasures on our corporate network
  • Investigate, mitigate, and forecast emerging technical trends and communicate effectively with actionable suggestions to different types of audiences
  • Work closely with incident responders to provide useful and timely intelligence to enrich ongoing investigations
  • Improve the tooling of threat cluster tracking and intelligence data integration to existing systems
  • Engage constructively in cross-functional projects to improve the security posture of Meta’s infrastructure, such as red team operations, surface detection coverage expansion and vulnerability management discussions

Requirements:

  • 5+ years threat intelligence experience
  • Bachelor's degree or equivalent experience in Security
  • Familiarity with campaign tracking techniques and ability to convert the tracking results to long-term countermeasures
  • Familiarity with threat modeling frameworks, such as the Diamond Model and/or the MITRE ATT&CK framework
  • Experience with intelligence-driven hunting to spot suspicious activities in the network and identify potential risks
  • Proven track record of managing and executing on short-term and long-term projects
  • Ability to work with a team spanning multiple locations/time zones
  • Ability to prioritize and execute tasks with minimal direction or oversight
  • Ability to think critically and qualify assessments with solid communications skills
  • Coding or scripting experience in one or more scripting languages such as Python or PHP

Nice to have:

  • Experience collaborating closely with incident responders on incident investigations
  • Familiarity with malware analysis or network traffic analysis
  • Familiarity with nation-state, sophisticated criminal, or supply chain threats
  • Production of file-based or network-based rules and signatures for detection and tracking of complex threats, such as YARA or Snort
  • Experience in one or more query languages such as SQL
  • Experience writing production code for threat intelligence tooling
  • Experience conducting large scale data analysis
  • Experience working across the broader security community

What we offer:

  • bonus
  • equity
  • benefits

Additional Information:

Job Posted:
January 23, 2026

Similar Jobs for Security Engineer - IR Threat Intelligence

Lead Threat Intelligence Analyst

We are looking for a Lead Threat Intelligence Analyst. In this role, you'll be a...
Location:
United States, New York
Salary:
133900.00 - 198160.00 USD / Year
Take-Two Interactive Software, Inc.
Expiration Date:
Until further notice
Requirements:
  • At least 5-7 years of experience in cybersecurity
  • Minimum of 3 years in a dedicated threat intelligence role
  • Strong understanding of the cyber threat landscape, including knowledge of threat actor groups, common attack vectors, and malware families
  • Proven ability to analyze complex data from various sources (e.g., open-source intelligence, dark web forums, technical reports) to form a cohesive threat picture
  • Familiarity with common threat intelligence frameworks like MITRE ATT&CK, the Cyber Kill Chain, and Diamond Model
  • Excellent written and verbal communication skills, with the ability to present technical information clearly to both technical and non-technical audiences
  • Experience with threat intelligence platforms (TIPs), security information and event management (SIEM) systems, and forensic tools
Job Responsibility:
  • Lead the design, development, and continuous improvement of the organization’s cyber threat intelligence (CTI) program
  • Perform deep-dives into cyber threats, including analyzing malware, understanding adversary tactics, techniques, and procedures (TTPs), and tracking threat actor groups
  • Create and refine threat models and frameworks to predict and prepare for potential attacks
  • Work with our Global Security Operations Center (GSOC), Detection Engineering, Automation Engineers and Incident Response teams to integrate threat intelligence into our detection and prevention systems
  • Generate timely and high-quality intelligence/Threat Landscape reports, risk forecasts and alerts for technical and executive audiences
  • Promote automation of indicator ingestion, correlation, and dissemination across GSOC, Automation and IR platforms
  • Define and track key performance indicators (KPIs) for the threat intelligence program
  • Conduct periodic maturity assessments of the threat intelligence function
  • Provide guidance and mentorship to junior analysts
What we offer:
  • Medical (HSA & FSA)
  • dental
  • vision
  • 401(k) with company match
  • employee stock purchase plan
  • commuter benefits
  • in-house wellness program
  • broad learning & development opportunities
  • a charitable giving platform with company match
  • Fitness allowance
  • Fulltime

Lead Threat Intelligence Analyst

We are looking for a Lead Threat Intelligence Analyst. In this role, you'll be a...
Location:
Canada, Toronto
Salary:
Not provided
Take-Two Interactive Software, Inc.
Expiration Date:
Until further notice
Requirements:
  • At least 5-7 years of experience in cybersecurity
  • Minimum of 3 years in a dedicated threat intelligence role
  • Strong understanding of the cyber threat landscape, including knowledge of threat actor groups, common attack vectors, and malware families
  • Proven ability to analyze complex data from various sources
  • Familiarity with common threat intelligence frameworks like MITRE ATT&CK, the Cyber Kill Chain, and Diamond Model
  • Excellent written and verbal communication skills
  • Experience with threat intelligence platforms (TIPs), security information and event management (SIEM) systems, and forensic tools
Job Responsibility:
  • Lead the design, development, and continuous improvement of the organization’s cyber threat intelligence (CTI) program
  • Perform deep-dives into cyber threats, including analyzing malware, understanding adversary tactics, techniques, and procedures (TTPs), and tracking threat actor groups
  • Create and refine threat models and frameworks to predict and prepare for potential attacks
  • Work with our Global Security Operations Center (GSOC), Detection Engineering, Automation Engineers and Incident Response teams to integrate threat intelligence into our detection and prevention systems
  • Generate timely and high-quality intelligence/Threat Landscape reports, risk forecasts and alerts for technical and executive audiences
  • Promote automation of indicator ingestion, correlation, and dissemination across GSOC, Automation and IR platforms
  • Define and track key performance indicators (KPIs) for the threat intelligence program
  • Conduct periodic maturity assessments of the threat intelligence function
  • Provide guidance and mentorship to junior analysts
What we offer:
  • Medical (HSA & FSA), dental, vision
  • 401(k) with company match
  • Employee stock purchase plan
  • Commuter benefits
  • In-house wellness program
  • Broad learning & development opportunities
  • A charitable giving platform with company match
  • Fitness allowance
  • Employee discount programs
  • Free games & events
  • Fulltime

Lead Threat Intelligence Analyst

We are looking for a Lead Threat Intelligence Analyst. In this role, you'll be a...
Location:
United States, Las Vegas
Salary:
Not provided
Take-Two Interactive Software, Inc.
Expiration Date:
Until further notice
Requirements:
  • At least 5-7 years of experience in cybersecurity
  • Minimum of 3 years in a dedicated threat intelligence role
  • Strong understanding of the cyber threat landscape, including knowledge of threat actor groups, common attack vectors, and malware families
  • Proven ability to analyze complex data from various sources
  • Familiarity with common threat intelligence frameworks like MITRE ATT&CK, the Cyber Kill Chain, and Diamond Model
  • Excellent written and verbal communication skills
  • Experience with threat intelligence platforms (TIPs), security information and event management (SIEM) systems, and forensic tools
Job Responsibility:
  • Lead the design, development, and continuous improvement of the organization’s cyber threat intelligence (CTI) program
  • Perform deep-dives into cyber threats, including analyzing malware, understanding adversary tactics, techniques, and procedures (TTPs), and tracking threat actor groups
  • Create and refine threat models and frameworks to predict and prepare for potential attacks
  • Work with our Global Security Operations Center (GSOC), Detection Engineering, Automation Engineers and Incident Response teams to integrate threat intelligence into our detection and prevention systems
  • Generate timely and high-quality intelligence/Threat Landscape reports, risk forecasts and alerts for technical and executive audiences
  • Promote automation of indicator ingestion, correlation, and dissemination across GSOC, Automation and IR platforms
  • Define and track key performance indicators (KPIs) for the threat intelligence program
  • Conduct periodic maturity assessments of the threat intelligence function
  • Provide guidance and mentorship to junior analysts
What we offer:
  • Medical (HSA & FSA)
  • dental
  • vision
  • 401(k) with company match
  • employee stock purchase plan
  • commuter benefits
  • in-house wellness program
  • broad learning & development opportunities
  • a charitable giving platform with company match
  • Fitness allowance
  • Fulltime

Sr. Cybersecurity Incident Response Analyst

Blue Yonder, a leading supply chain software company, is seeking a Sr Cybersecur...
Location:
Mexico, Monterrey; Mexico City
Salary:
Not provided
Blue Yonder
Expiration Date:
Until further notice
Requirements:
  • Bachelor's degree in Computer Science, Information Security, or related equivalent experience
  • 5+ years of experience in information security or cybersecurity as an analyst, engineer or consultant
  • MUST have experience with incident response methodologies and tools (e.g. SANS IR, EDR, SIEM, Threat Intelligence, etc.)
  • Strong technical skills and attention to detail
  • Excellent verbal and written communication skills
  • Ability to work independently and as part of a team
  • Ability to work under pressure and in a fast-paced environment
  • Strong problem-solving skills and a proactive approach to work
  • Knowledge of security frameworks such as NIST and ISO 27001
  • Familiarity with security regulations and standards (e.g. PCI DSS, HIPAA, etc.)
Job Responsibility:
  • Monitor and Analyze Security Alerts – Review alerts generated by security systems, appliances, and logs to determine the appropriate course of action to protect the enterprise and reduce overall risk
  • Incident Triage and Response – Quickly assess, prioritize, and respond to security incidents, ensuring timely containment, eradication, and recovery to minimize business impact
  • Root Cause Analysis (RCA) – Investigate security incidents to determine root causes, attack vectors, and vulnerabilities, providing recommendations to reduce the attack surface and prevent recurrence
  • Threat Hunting and Proactive Defense – Conduct proactive threat-hunting activities based on intelligence, anomalies, and adversary tactics to identify and mitigate threats before they escalate
  • Collaboration with Cross-Functional Teams – Work closely with IT, engineering, legal, compliance, and other teams to coordinate incident response efforts and ensure an effective security posture
  • Incident Documentation and Reporting – Maintain detailed documentation of security incidents, response actions, and lessons learned, ensuring continuous improvement in security processes
  • Develop and Improve Incident Response Playbooks – Enhance and maintain incident response procedures, ensuring alignment with industry best practices and emerging threats
  • Security Awareness and Training – Provide guidance, training, and mentorship to SOC analysts and IT staff on security threats, incident handling, and response best practices
  • Threat Intelligence Integration – Leverage threat intelligence sources to stay informed on evolving cyber threats and proactively adjust security strategies to defend against them
  • Fulltime

Director, Rapid Response

We are seeking a Director of Rapid Response for our Unit 42 Threat Intelligence ...
Location:
United States, Santa Clara
Salary:
243800.00 - 334575.00 USD / Year
Palo Alto Networks
Expiration Date:
Until further notice
Requirements:
  • Highly organized with the ability to manage complex multi-tasking, prioritize effectively, and triage competing demands in a fast-paced environment
  • Ability to advance objectives across matrixed teams and influence without direct reporting authority
  • Strong public speaking and presentation skills, with the ability to effectively communicate complex threat intelligence information to diverse audiences, including executives, conferences, and internal stakeholders
  • Demonstrated ability to coordinate with cross-organizational threat analysts, facilitating collaboration, and aligning efforts to achieve common goals
  • Proven experience leading threat intelligence projects, integrating intelligence systems, and implementing new processes for multiple stakeholders
  • Demonstrated experience speaking at conferences and with customers on research performed
  • Proven experience throughout the cyber threat intelligence lifecycle, from data collection to production of intelligence outputs, such as blogs and whitepapers
  • Experience writing and editing threat intelligence reporting.
Job Responsibility:
  • Collaborate with threat analysts, detection engineers, and security consultants from various teams and departments within the organization
  • Coordinate and balance priorities across diverse teams, including Communications, Legal, Policy, Marketing, to align external and internal messaging around global cyber events
  • Triage and prioritize threat intelligence research requests during Rapid Response engagements
  • Work closely with the external engagement team to manage the flow of Rapid Response content, including blogs, social media content, and updates on major cyber events
  • Contribute to thought leadership initiatives by sharing insights and expertise on Unit 42 Threat Vector podcasts, at security conferences, and through internal and external executive briefings
  • Establish and execute internal projects to mature and scale our Rapid Response capabilities
  • Harness the full weight of the company's unique data holdings, including security product telemetry, front line Incident Response (IR) and Managed Detection and Response (MDR) data, and Intel Holdings.
  • Fulltime

Senior Security Researcher

Microsoft Defender Experts provides expert-led services that help organizations ...
Location:
India, Hyderabad
Salary:
Not provided
Microsoft Corporation
Expiration Date:
Until further notice
Requirements:
  • Graduate degree in engineering or equivalent discipline
  • 7–15 years of experience in cybersecurity (SOC, IR, Threat Hunting, Red Team)
  • Hands-on experience with SIEM, EDR, and cloud-native security tools (Microsoft XDR, Sentinel, CrowdStrike, etc.)
  • Good experience with at least one cloud platform (Azure, AWS, GCP) and its associated security services and configurations
  • Proficiency in KQL, Python, or similar scripting languages for data analysis and automation
  • Strong knowledge of MITRE ATT&CK, Cyber Kill Chain, and adversary TTPs
  • Familiarity with operating system internals (Windows, Linux) and endpoint/network forensics
Job Responsibility:
  • Monitor, triage, and respond to security incidents using alerts and incidents from Microsoft Defender products (MDE, MDI, MDO, MDA, MDC, Sentinel etc.)
  • Perform proactive threat hunting using hypothesis, and telemetry from endpoints, identities, cloud and network
  • Develop hunting queries using Kusto Query Language (KQL) or similar to uncover suspicious patterns and behaviours
  • Investigate security incidents across hybrid environments and contribute to root cause analysis and containment strategies
  • Collaborate with internal teams (defender, threat intelligence, engineering) to enhance detection logic, develop automations, and improve incident response workflows
  • Contribute to incident documentation, detection playbooks, and operational runbooks
  • Stay current with evolving threat landscapes, cloud attack vectors, and advanced persistent threats (APT)
  • Develop necessary automation (e.g. using Jupyter Notebooks) to scale Threat Hunting
  • Fulltime

MDR Shift Analyst

We are seeking a driven and analytical MDR Shift Analyst to join the Unit 42 Man...
Location:
United States, Santa Clara
Salary:
87000.00 - 139500.00 USD / Year
Palo Alto Networks Italia
Expiration Date:
Until further notice
Requirements:
  • 3+ years of experience working in a Security Operations Center (SOC), Incident Response (IR), or Managed Security Services environment
  • Hands-on experience with security technologies such as EDR (Endpoint Detection and Response), SIEM platforms, SOAR platforms, and firewall technologies
  • Strong understanding of cyberattack techniques, threat vectors, and common attack patterns
  • Experience investigating security alerts and performing incident triage
  • Ability to analyze logs, endpoint activity, and security telemetry to determine potential threats
  • Excellent written and verbal communication skills in English
Job Responsibility:
  • Monitor customer environments and investigate alerts generated by security technologies including Cortex XDR and other endpoint and network detection platforms
  • Detect, triage, and respond to cybersecurity incidents impacting customer environments
  • Own and manage the incident lifecycle, from initial detection through investigation, containment, remediation, and closure
  • Perform threat analysis to identify malicious activity, suspicious behaviors, and potential security incidents
  • Collaborate with Security Research, Threat Intelligence, and Threat Hunting teams to detect and respond to emerging threats
  • Provide clear and actionable updates to internal teams and customers regarding incident findings and remediation recommendations
  • Document incident investigations, response actions, and security findings to maintain strong operational visibility
  • Provide feedback to product, research, engineering, and threat teams to help improve detection capabilities across Palo Alto Networks products
  • Contribute to operational improvements by helping refine investigation processes, playbooks, and response workflows
  • Work closely with a global team supporting customers across different industries and regions
  • Fulltime

Senior/Staff Threat Detection Engineer

We're looking for an experienced and highly motivated Senior or Staff Threat Det...
Location:
United States, San Francisco
Salary:
214200.00 - 252000.00 USD / Year
Abridge
Expiration Date:
Until further notice
Requirements:
  • 9+ years in Detection Engineering, Incident Response, Adversary Emulation, Offensive Security and/or Threat Intelligence
  • Experience in high-growth environments where you've scaled security capabilities alongside rapid organizational expansion, managing evolving threat landscapes and increasing complexity
  • Exceptional communicator who can influence technical strategy across all organizational levels, from engineers to executive leadership
  • Proven track record leading critical, multi-week incident response efforts and driving post-incident strategic improvements
  • Deep technical expertise with demonstrated ability to architect scalable security systems and drive innovation in detection capabilities
  • History of moving forward ambiguous, organization-wide initiatives through influence, technical vision, and cross-functional collaboration
  • Expert-level knowledge of attacker tactics, techniques, and procedures across multiple threat actor groups
  • Systems thinker who navigates complexity pragmatically while building toward elegant, maintainable solutions
  • Strong experience with cloud security architecture and building production-grade automation and tooling
  • Strong scripting skills in multiple scripting/programming languages (Python, Go, etc.)
Job Responsibility:
  • Leading investigations of complex, organization-wide security events and establishing best practices across multiple security domains (log analysis, digital forensics, malware analysis)
  • Designing and implementing the strategic roadmap for threat detection capabilities, creating high-fidelity detection systems based on deep understanding of advanced threat actor TTPs
  • Architecting scalable incident response processes and driving automation across the entire IR lifecycle, establishing patterns for the organization
  • Serving as incident commander for critical, cross-organizational security incidents and mentoring others in effective incident management practices
  • Driving security research initiatives, discovering novel detection mechanisms and presenting findings to internal teams, executive leadership, and external audiences
  • Defining build-vs-buy strategies for security tooling, leading major technical evaluations and driving organizational standards for security automation
  • Scaling the security team's capabilities and maturity through technical leadership, mentorship, establishing engineering best practices, and raising the hiring bar
What we offer:
  • Generous Time Off: 14 paid holidays, flexible PTO for salaried employees, and accrued time off for hourly employees
  • Comprehensive Health Plans: Medical, Dental, and Vision coverage for all full-time employees and their families
  • Generous HSA Contribution: If you choose a High Deductible Health Plan, Abridge makes monthly contributions to your HSA
  • Paid Parental Leave: Generous paid parental leave for all full-time employees
  • Family Forming Benefits: Resources and financial support to help you build your family
  • 401(k) Matching: Contribution matching to help invest in your future
  • Personal Device Allowance: Tax free funds for personal device usage
  • Pre-tax Benefits: Access to Flexible Spending Accounts (FSA) and Commuter Benefits
  • Lifestyle Wallet: Monthly contributions for fitness, professional development, coworking, and more
  • Mental Health Support: Dedicated access to therapy and coaching to help you reach your goals
  • Fulltime