לוח משרות דרושים אבטחת מידע / סייבר

Meta Security is looking for a Security Engineer with experience in threat modeling, TTP identification, and detection engineering. Youll work alongside Software Engineers and Offensive Security Engineers to identify critical assets, assess the top risks, and evaluate potential attacks against Meta systems. You will be working across engineering teams to develop detection and response automation leveraging both industry-standard and custom detection and response platforms. Youll generate detection ideas utilizing some of the worlds largest data sets and build on top of hyper-scale data pipelines.
Security Engineer - Surface Coverage, Detection Engineering Responsibilities
Lead cross-functional projects to improve our capabilities to effectively detect and respond to security incidents
Review security architecture of large-scale custom and commercial systems and independently propose logging, detection and prevention controls
Perform TTP-based Threat Modeling for a wide variety of assets including endpoints, mobile, servers, internal services, public & private cloud environments and networking equipment
Perform analysis against logs from a variety of sources (e.g., individual host logs, network traffic logs) to identify potential threats and detection ideas
Build response workflows and actions that auto-resolve false positives and provide context scaling our ability to investigate
Support security incident response in a cross-functional environment and drive incident resolution
Design and implement attack testing automation to validate detection coverage
Build logging pipelines using our custom datasets and infrastructure

In this role, you will conduct technical research to analyze and break down identity-based attacks observed across the threat landscape including insights from security research, real-world incidents, customer reports, and emerging trends. Your work will directly guide product and engineering teams in building advanced visibility, high-confidence detections, and durable protections that safeguard Microsoft customers at scale.

.



Responsibilities
Analyze and deeply understand the internals of authentication and network protocols, independently reproducing identity-based attacks for investigation, exploration, and research purposes.

Become a subject-matter expert in identity-focused investigation, collection, analysis, and forensics including a deep understanding of emerging trends, evolving attack techniques, and the identity threat landscape.

Collaborate closely with multiple product and engineering teams to design next-generation sensors, implement innovative detection ideas, and validate their effectiveness using a data-driven approach.

Work hand-in-hand with engineering teams to deliver prototypes and production-ready code that support and operationalize research insights.

Provide cybersecurity expertise during security escalations and incidents to help protect Microsoft and our customers.

In this role, you will work at the forefront of automated attack disruption, developing capabilities that detect and respond to advanced threats in real time, regardless of the attack workflow or stage in the kill chain. You will examine diverse and complex signals across on-premises, hybrid, and cloud environments, hunting for emerging adversary techniques, uncovering novel patterns of malicious behavior, and transforming research findings into practical, scalable protection. Your work will span from the earliest ideation stages to production-ready, customer-facing capabilities: researching and modeling attack techniques, identifying the necessary telemetry, designing robust detection logic, and ensuring that our automated disruption mechanisms can respond effectively in real-world conditions. This is an opportunity to have a direct impact on the security of organizations worldwide by building autonomous defense systems that stay ahead of evolving threats and protect customers at scale. You will collaborate closely with engineers, threat analysts, and product teams, bringing creativity and rigor to the challenge of stopping some of the most advanced attacks in the industry before they can cause harm. Our team values diversity and strives to hire individuals with varied experiences and perspectives. We understand that no candidate possesses every desired skill and experience, but together, we form a strong, effective team.



Responsibilities
Provide cybersecurity expertise as needed during security escalations and incidents to help protect Microsoft and our customers
Proactively hunt across diverse signal sources including on-premises, hybrid, and cloud environments
Stay current with the latest cyberattack trends and design robust, sophisticated detection logic across the full attacker kill-chain.
Build and implement innovative automated disruption capabilities that autonomously detect and mitigate attacks in real time.
Collaborate with engineering and product teams to design security sensors, validate protection ideas, and measure effectiveness using data-driven approaches.
Contribute to the broader security community by authoring technical blogs, sharing research findings, and presenting at leading security conferences.

Works with account and marketing teams to shape strategic win and customer success plans and tailor Microsoft messaging to audience using knowledge of customer feedback, specific Microsoft solutions, and their context in a competitive landscape. Where applicable, builds consumption plans with Partner and Industry Solutions Delivery teams after customer sign-off.
Captures core competitive knowledge and delivers back to product and engineering teams to enhance team capabilities and develop compete strategies for assigned customers.
Provides strategic, technical, and partner input based on Microsoft capability at the account level to contribute to strategy development, leveraging partner, competitor, or open-source knowledge.
responsibility description

Education
Monitors and responds to internal tech community posts, attends community calls, sessions, hackathons, etc., and acts as a mentor for their technology area.
Demonstrates new and updated products to increase internal virtual teams' understanding of solutions and new opportunities.
Builds their own readiness plan and proactively identifies learning gaps. Grows domain knowledge and practices expertise by communicating with customers, partners, and senior colleagues to expand knowledge of architecture.
responsibility description

Leverage Partner Ecosystem
Supports partner technical capacity by identifying skill and resource gaps and providing feedback to internal teams (e.g., Global Partner Solutions).
Engages in partner sell-with scenarios by acting as liaison between the partner and team and facilitating partner resources and processes throughout the course of the project.
responsibility description

Scale Customer Engagements
Engages with and reaches out to customers proactively and independently.
Leads and ensures technical wins for core and adjacent technologies by leading technical discussions with customers and establishing rules of engagement (e.g., role boundaries, handoff strategies) for extended teams, leveraging knowledge of processes (e.g., Managed Service Provider [MSP], Managed Certified Professional [MCP]), tools, and programs (e.g., FastTrack, End Customer Investment Funds [ECIFs]). Searches for customer references to use in engagements.
Uses knowledge of customer context, solution or portfolio expertise, and technical and industry knowledge to build credibility with customers.
Leverages foundational knowledge of resources (e.g., roles, Microsoft Technology Center [MTC], demo sites, virtual sites, Value Based Delivery [VBD], Customer Success Unit [CSU]) and proactively engages product teams (e.g., engineering) to remediate blockers by conveying impact.
responsibility description

Solution Design and Proof
Presents and applies architecture patterns to partners or customers and drives cross-workload support for Microsoft Solutions.
Applies sales methodologies (e.g., challenger sales) and coaches team in addressing customer digital transformation and leveraging insights to align new or changing technology to customer business needs.
Demonstrates and oversees demonstrations (e.g., architectural design sessions, and proof of concept [POC] sessions) of products, services, and integration through initial engagements. Leverages partner/customer teams as needed to prove capabilities and integration into customer environment.

As a Senior Security Researcher, you will lead proactive vulnerability research, developing novel proofs-of-concept and exploit chains that emulate real-world attackers. You will discover vulnerabilities across AI systems, validate exploitability, and work closely with engineering and product teams to drive remediation. The vulnerabilities you will find will impact hundreds of millions of users!



Responsibilities
Become a founding member of the AIAL group as part of Microsoft Red Team. Help shape the team culture and practices.
Research and discover zero-day vulnerabilities in AI applications, models, and AI service ecosystems. Work closely with Red Team operators and engineering teams to address findings and strengthen resilience of AI-driven systems.
Analyze a wide array of data sources to identify potential security weaknesses and breach points within Microsofts AI infrastructure.

Develop tools and techniques to scale and accelerate adversary emulation and vulnerability discovery.

Advocate for security change across the company through building partnerships and clearly communicating impact of risks.