CrawlJobs Logo

Security Engineer - IR Threat Intelligence

meta.com Logo

Meta

Location Icon

Location:
United States , Bellevue

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

154000.00 - 217000.00 USD / Year
Save Job
Save Icon
Apply Position

Job Description:

Meta Security is looking for a threat intelligence investigator with extensive experience in investigating cyber threats with an intelligence-driven approach. You will be proactively responding to a broad set of security threats, as well as tracking actor groups with an interest or capability to target Meta and its employees. You will also be identifying the gaps in current detections and preventions by long-term intelligence tracking and research, and working with cross-functional stakeholders to improve Meta’s security posture.

Job Responsibility:

  • Track threat clusters posing threats to Meta’s infrastructure and employees, and identify, develop and implement countermeasures on our corporate network
  • Investigate, mitigate, and forecast emerging technical trends and communicate effectively with actionable suggestions to different types of audiences
  • Work closely with incident responders to provide useful and timely intelligence to enrich ongoing investigations
  • Improve the tooling of threat cluster tracking and intelligence data integration to existing systems
  • Engage constructively in cross-functional projects to improve the security posture of Meta’s infrastructure, such as red team operations, surface detection coverage expansion and vulnerability management discussions

Requirements:

  • 5+ years threat intelligence experience
  • Bachelor's degree or equivalent experience in Security
  • Familiarity with campaign tracking techniques and ability to convert the tracking results to long term countermeasures
  • Familiarity with threat modeling framework, such as Diamond Model or/and MITRE ATT&CK framework
  • Experience intelligence-driven hunting to spot suspicious activities in the network and identify potential risks
  • Proven track record of managing and executing on short term and long term projects
  • Ability to work with a team spanning multiple locations/time zones
  • Ability to prioritize and execute tasks with minimal direction or oversight
  • Ability to think critically and qualify assessments with solid communications skills
  • Coding or scripting experience in one or more scripting languages such as Python or PHP

Nice to have:

  • Experience close collaborating with incident responders on incident investigations
  • Familiarity with malware analysis or network traffic analysis
  • Familiarity with nation-state, sophisticated criminal, or supply chain threats
  • Production of file-based or network-based rules and signatures for detection and tracking of complex threats, such as YARA or Snort
  • Experience in one or more query languages such as SQL
  • Experience writing production code for threat intelligence tooling
  • Experience conducting large scale data analysis
  • Experience working across the broader security community
What we offer:
  • bonus
  • equity
  • benefits

Additional Information:

Job Posted:
January 23, 2026

Icon
Meta - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Security Engineer - IR Threat Intelligence

Lead Threat Intelligence Analyst

We are looking for a Lead Threat Intelligence Analyst. In this role, you'll be a...
Location
Location
United States , New York
Salary
Salary:
133900.00 - 198160.00 USD / Year
take2games.com Logo
Take-Two Interactive Software, Inc.
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • At least 5-7 years of experience in cybersecurity
  • Minimum of 3 years in a dedicated threat intelligence role
  • Strong understanding of the cyber threat landscape, including knowledge of threat actor groups, common attack vectors, and malware families
  • Proven ability to analyze complex data from various sources (e.g., open-source intelligence, dark web forums, technical reports) to form a cohesive threat picture
  • Familiarity with common threat intelligence frameworks like MITRE ATT&CK, the Cyber Kill Chain, and Diamond Model
  • Excellent written and verbal communication skills, with the ability to present technical information clearly to both technical and non-technical audiences
  • Experience with threat intelligence platforms (TIPs), security information and event management (SIEM) systems, and forensic tools
Job Responsibility
Job Responsibility
  • Lead the design, development, and continuous improvement of the organization’s cyber threat intelligence (CTI) program
  • Perform deep-dives into cyber threats, including analyzing malware, understanding adversary tactics, techniques, and procedures (TTPs), and tracking threat actor groups
  • Create and refine threat models and frameworks to predict and prepare for potential attacks
  • Work with our Global Security Operations Center (GSOC), Detection Engineering, Automation Engineers and Incident Response teams to integrate threat intelligence into our detection and prevention systems
  • Generate timely and high-quality intelligence/Threat Landscape reports, risk forecasts and alerts for technical and executive audiences
  • Promote automation of indicator ingestion, correlation, and dissemination across GSOC, Automation and IR platforms
  • Define and track key performance indicators (KPIs) for the threat intelligence program
  • Conduct periodic maturity assessments of the threat intelligence function
  • Provide guidance and mentorship to junior analysts
What we offer
What we offer
  • Medical (HSA & FSA)
  • dental
  • vision
  • 401(k) with company match
  • employee stock purchase plan
  • commuter benefits
  • in-house wellness program
  • broad learning & development opportunities
  • a charitable giving platform with company match
  • Fitness allowance
  • Fulltime
Read More
Arrow Right

Lead Threat Intelligence Analyst

We are looking for a Lead Threat Intelligence Analyst. In this role, you'll be a...
Location
Location
Canada , Toronto
Salary
Salary:
Not provided
take2games.com Logo
Take-Two Interactive Software, Inc.
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • At least 5-7 years of experience in cybersecurity
  • Minimum of 3 years in a dedicated threat intelligence role
  • Strong understanding of the cyber threat landscape, including knowledge of threat actor groups, common attack vectors, and malware families
  • Proven ability to analyze complex data from various sources
  • Familiarity with common threat intelligence frameworks like MITRE ATT&CK, the Cyber Kill Chain, and Diamond Model
  • Excellent written and verbal communication skills
  • Experience with threat intelligence platforms (TIPs), security information and event management (SIEM) systems, and forensic tools
Job Responsibility
Job Responsibility
  • Lead the design, development, and continuous improvement of the organization’s cyber threat intelligence (CTI) program
  • Perform deep-dives into cyber threats, including analyzing malware, understanding adversary tactics, techniques, and procedures (TTPs), and tracking threat actor groups
  • Create and refine threat models and frameworks to predict and prepare for potential attacks
  • Work with our Global Security Operations Center (GSOC), Detection Engineering, Automation Engineers and Incident Response teams to integrate threat intelligence into our detection and prevention systems
  • Generate timely and high-quality intelligence/Threat Landscape reports, risk forecasts and alerts for technical and executive audiences
  • Promote automation of indicator ingestion, correlation, and dissemination across GSOC, Automation and IR platforms
  • Define and track key performance indicators (KPIs) for the threat intelligence program
  • Conduct periodic maturity assessments of the threat intelligence function
  • Provide guidance and mentorship to junior analysts
What we offer
What we offer
  • Medical (HSA & FSA), dental, vision
  • 401(k) with company match
  • Employee stock purchase plan
  • Commuter benefits
  • In-house wellness program
  • Broad learning & development opportunities
  • A charitable giving platform with company match
  • Fitness allowance
  • Employee discount programs
  • Free games & events
  • Fulltime
Read More
Arrow Right

Lead Threat Intelligence Analyst

We are looking for a Lead Threat Intelligence Analyst. In this role, you'll be a...
Location
Location
United States , Las Vegas
Salary
Salary:
Not provided
take2games.com Logo
Take-Two Interactive Software, Inc.
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • At least 5-7 years of experience in cybersecurity
  • Minimum of 3 years in a dedicated threat intelligence role
  • Strong understanding of the cyber threat landscape, including knowledge of threat actor groups, common attack vectors, and malware families
  • Proven ability to analyze complex data from various sources
  • Familiarity with common threat intelligence frameworks like MITRE ATT&CK, the Cyber Kill Chain, and Diamond Model
  • Excellent written and verbal communication skills
  • Experience with threat intelligence platforms (TIPs), security information and event management (SIEM) systems, and forensic tools
Job Responsibility
Job Responsibility
  • Lead the design, development, and continuous improvement of the organization’s cyber threat intelligence (CTI) program
  • Perform deep-dives into cyber threats, including analyzing malware, understanding adversary tactics, techniques, and procedures (TTPs), and tracking threat actor groups
  • Create and refine threat models and frameworks to predict and prepare for potential attacks
  • Work with our Global Security Operations Center (GSOC), Detection Engineering, Automation Engineers and Incident Response teams to integrate threat intelligence into our detection and prevention systems
  • Generate timely and high-quality intelligence/Threat Landscape reports, risk forecasts and alerts for technical and executive audiences
  • Promote automation of indicator ingestion, correlation, and dissemination across GSOC, Automation and IR platforms
  • Define and track key performance indicators (KPIs) for the threat intelligence program
  • Conduct periodic maturity assessments of the threat intelligence function
  • Provide guidance and mentorship to junior analysts
What we offer
What we offer
  • Medical (HSA & FSA)
  • dental
  • vision
  • 401(k) with company match
  • employee stock purchase plan
  • commuter benefits
  • in-house wellness program
  • broad learning & development opportunities
  • a charitable giving platform with company match
  • Fitness allowance
  • Fulltime
Read More
Arrow Right

Defensive Security Engineer

As the Defensive Security Engineer, you will be part of the company’s Incident R...
Location
Location
Spain , Barcelona
Salary
Salary:
Not provided
adevinta.com Logo
Adevinta
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • An experienced security analyst with the mentioned solutions and resolving security incidents in large enterprise environments
  • Familiar with Incident Management At Google (IMAG)
  • Structured, analytical, autonomous and proactive persona
  • Familiar with the Agile methodology
  • Experience with security frameworks and methodologies such as MITRE ATT&CK, ENISA or NIST
  • You have a hacker and an open mindset
  • You have software development skills
  • You have a good understanding of AWS Cloud technologies, services, security capabilities, and controls such as SCPs, Security Groups, IAM, etc.
  • You understand SDLC (coding and development) with modern tooling and ecosystems such as Kubernetes, Github, Github Action, infrastructure as code, etc.
  • You have excellent knowledge of security for networks, protocols, systems and applications
Job Responsibility
Job Responsibility
  • Contribute to the Incident Response (IR) team’s efforts by fostering a culture of proactive defence and continuous improvement through active participation in response processes and initiatives
  • Actively participate in the incident response lifecycle, including preparation, detection, analysis, containment, eradication, recovery and learning, ensuring timely and effective responses to potential threats
  • Support the development and refinement of incident response policies, playbooks, escalation procedures, and tabletop exercises
  • Contribute to post-mortem analyses to improve incident detection and response capabilities continuously
  • Work closely with other relevant teams and roles, such as the DPO, Privacy, Global Incident Teams, the rest of the InfoSec teams, and E&C, ensuring effective communication and alignment during incident response efforts
  • Assist in managing the external MSSP by ensuring alignment with organisational policies, standards, and expectations regarding service quality
  • Collaborate with the SOC team to monitor and assess the performance of security monitoring, triage, and alerting processes, contributing to optimising SOC operations and improving efficiency
  • Participate in the operations and enhance the control of defensive security technologies, including EDR, SIEM, DLP, NIDS, and threat intelligence solutions
  • Gather, analyse, and operationalise threat intelligence information to enhance detection, response, and prevention efforts, ensuring timely identification and mitigation of potential threats
  • Collaborate to prepare periodic reports and collaborate with cross-functional teams to share valuable insights gained from alerts and incidents
What we offer
What we offer
  • An attractive Base Salary
  • Participation in our Short Term Incentive plan (annual bonus)
  • Work From Anywhere: Enjoy up to 20 days a year of working from anywhere
  • A 24/7 Employee Assistance Program for you and your family
  • Fulltime
Read More
Arrow Right
New

Sr. Cybersecurity Incident Response Analyst

Blue Yonder, a leading supply chain software company, is seeking a Sr Cybersecur...
Location
Location
Mexico , Monterrey; Mexico City
Salary
Salary:
Not provided
blueyonder.com Logo
Blue Yonder
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Computer Science, Information Security, or related equivalent experience
  • 5+ years of experience in information security or cybersecurity as an analyst, engineer or consultant
  • MUST have experience with incident response methodologies and tools (e.g. SANS IR, EDR, SIEM, Threat Intelligence, etc.)
  • Strong technical skills and attention to detail
  • Excellent verbal and written communication skills
  • Ability to work independently and as part of a team
  • Ability to work under pressure and in a fast-paced environment
  • Strong problem-solving skills and a proactive approach to work
  • Knowledge of security frameworks such as NIST and ISO 27001
  • Familiarity with security regulations and standards (e.g. PCI DSS, HIPAA, etc.)
Job Responsibility
Job Responsibility
  • Monitor and Analyze Security Alerts – Review alerts generated by security systems, appliances, and logs to determine the appropriate course of action to protect the enterprise and reduce overall risk
  • Incident Triage and Response – Quickly assess, prioritize, and respond to security incidents, ensuring timely containment, eradication, and recovery to minimize business impact
  • Root Cause Analysis (RCA) – Investigate security incidents to determine root causes, attack vectors, and vulnerabilities, providing recommendations to reduce the attack surface and prevent recurrence
  • Threat Hunting and Proactive Defense – Conduct proactive threat-hunting activities based on intelligence, anomalies, and adversary tactics to identify and mitigate threats before they escalate
  • Collaboration with Cross-Functional Teams – Work closely with IT, engineering, legal, compliance, and other teams to coordinate incident response efforts and ensure an effective security posture
  • Incident Documentation and Reporting – Maintain detailed documentation of security incidents, response actions, and lessons learned, ensuring continuous improvement in security processes
  • Develop and Improve Incident Response Playbooks – Enhance and maintain incident response procedures, ensuring alignment with industry best practices and emerging threats
  • Security Awareness and Training – Provide guidance, training, and mentorship to SOC analysts and IT staff on security threats, incident handling, and response best practices
  • Threat Intelligence Integration – Leverage threat intelligence sources to stay informed on evolving cyber threats and proactively adjust security strategies to defend against them
  • Fulltime
Read More
Arrow Right

Cyber Defense Head of Department

The Cyber Security Defense Head of Department (HOD) will lead and mature our org...
Location
Location
United States , Irvine
Salary
Salary:
181240.00 - 259160.00 USD / Year
haeaus.com Logo
Hyundai AutoEver America
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 15–20 years of progressive experience across the various cyber defense disciplines (SOC, Incident Response, Red/Blue teams, or similar defensive/offensive functions)
  • Proven experience leading cyber defense teams
  • Demonstrated ability to hire, mentor, and lead high-performing technical teams
  • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science or a related discipline
  • Strong knowledge of threat detection, incident response, adversary tactics (MITRE ATT&CK), vulnerability management, and secure software development
  • Excellent incident management, communication, and executive reporting skills
  • Proficient in English for effective communication and coordination
  • In the absence of IR team members, utilize a flexible work schedule to facilitate the security incident response process for high/critical incidents
Job Responsibility
Job Responsibility
  • Develop and execute the Cyber Defense strategy aligned with organizational goals, customer requirements and the evolving threat landscapes
  • Establish frameworks, processes, and KPIs for SOC, Incident Response, TVM, AppSec, Red/Blue Teaming, and Adversary Simulation
  • Serve as a senior advisor to the CISO and executive leadership on cyber risks, readiness, and emerging threats
  • Oversee 24x7 SOC operations, ensuring effective monitoring, detection, and response to security events, across levels 1-3
  • Drive continuous enhancement of detection engineering, threat hunting, and security analytics
  • Implement best-in-class security tooling, automation, and operational processes
  • Lead internal Red Team and offensive security capabilities, including penetration testing
  • Define testing methodologies, operational rules of engagement, and reporting standards
  • Translate offensive findings into actionable improvements for defensive teams and architecture
  • Oversee the Incident Response program, ensuring rapid and effective handling of security incidents
  • Fulltime
Read More
Arrow Right

Cyber Security Defense Head of Department

The Cyber Security Defense Head of Department (HOD) will lead and mature our org...
Location
Location
United States , Irvine
Salary
Salary:
181240.00 - 259160.00 USD / Year
haeaus.com Logo
Hyundai AutoEver America
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 15–20 years of progressive experience across the various cyber defense disciplines (SOC, Incident Response, Red/Blue teams, or similar defensive/offensive functions)
  • Proven experience leading cyber defense teams
  • Demonstrated ability to hire, mentor, and lead high-performing technical teams
  • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science or a related discipline
  • Strong knowledge of threat detection, incident response, adversary tactics (MITRE ATT&CK), vulnerability management, and secure software development
  • Excellent incident management, communication, and executive reporting skills
  • Proficient in English for effective communication and coordination
  • In the absence of IR team members, utilize a flexible work schedule to facilitate the security incident response process for high/critical incidents
Job Responsibility
Job Responsibility
  • Develop and execute the Cyber Defense strategy aligned with organizational goals, customer requirements and the evolving threat landscapes
  • Establish frameworks, processes, and KPIs for SOC, Incident Response, TVM, AppSec, Red/Blue Teaming, and Adversary Simulation
  • Serve as a senior advisor to the CISO and executive leadership on cyber risks, readiness, and emerging threats
  • Oversee 24x7 SOC operations, ensuring effective monitoring, detection, and response to security events, across levels 1-3
  • Drive continuous enhancement of detection engineering, threat hunting, and security analytics
  • Implement best-in-class security tooling, automation, and operational processes
  • Lead internal Red Team and offensive security capabilities, including penetration testing
  • Define testing methodologies, operational rules of engagement, and reporting standards
  • Translate offensive findings into actionable improvements for defensive teams and architecture
  • Oversee the Incident Response program, ensuring rapid and effective handling of security incidents
  • Fulltime
Read More
Arrow Right

Defensive Security Engineer

As the Defensive Security Engineer, you will be part of the company’s Incident R...
Location
Location
Spain , Barcelona
Salary
Salary:
Not provided
adevinta.com Logo
Adevinta
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • An experienced security analyst with the mentioned solutions and resolving security incidents in large enterprise environments
  • Familiar with Incident Management At Google (IMAG)
  • Structured, analytical, autonomous and proactive persona
  • Familiar with the Agile methodology
  • Experience with security frameworks and methodologies such as MITRE ATT&CK, ENISA or NIST
  • You have a hacker and an open mindset
  • You have software development skills
  • You have a good understanding of AWS Cloud technologies, services, security capabilities, and controls such as SCPs, Security Groups, IAM, etc.
  • You understand SDLC (coding and development) with modern tooling and ecosystems such as Kubernetes, Github, Github Action, infrastructure as code, etc.
  • You have excellent knowledge of security for networks, protocols, systems and applications
Job Responsibility
Job Responsibility
  • Contribute to the Incident Response (IR) team’s efforts by fostering a culture of proactive defence and continuous improvement through active participation in response processes and initiatives
  • Actively participate in the incident response lifecycle, including preparation, detection, analysis, containment, eradication, recovery and learning, ensuring timely and effective responses to potential threats
  • Support the development and refinement of incident response policies, playbooks, escalation procedures, and tabletop exercises
  • Contribute to post-mortem analyses to improve incident detection and response capabilities continuously
  • Work closely with other relevant teams and roles, such as the DPO, Privacy, Global Incident Teams, the rest of the InfoSec teams, and E&C, ensuring effective communication and alignment during incident response efforts
  • Assist in managing the external MSSP by ensuring alignment with organisational policies, standards, and expectations regarding service quality
  • Collaborate with the SOC team to monitor and assess the performance of security monitoring, triage, and alerting processes, contributing to optimising SOC operations and improving efficiency
  • Participate in the operations and enhance the control of defensive security technologies, including EDR, SIEM, DLP, NIDS, and threat intelligence solutions
  • Gather, analyse, and operationalise threat intelligence information to enhance detection, response, and prevention efforts, ensuring timely identification and mitigation of potential threats
  • Collaborate to prepare periodic reports and collaborate with cross-functional teams to share valuable insights gained from alerts and incidents
What we offer
What we offer
  • An attractive Base Salary
  • Participation in our Short Term Incentive plan (annual bonus)
  • Work From Anywhere: Enjoy up to 20 days a year of working from anywhere
  • A 24/7 Employee Assistance Program for you and your family
  • A range of locally relevant benefits
  • Fulltime
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy