Meta’s Offensive Security Group is looking for an Offensive Security Engineer Intern that can execute tactical, offensive assessments across our environments. Our objective is to preempt the adversary in attacking Meta, and make the company, its users, and its employees safer and more secure.
Requirements
- Experience in high level scripting, coding or visualization
- Experience with exploiting common security vulnerabilities and bypassing security controls
- Familiarity in one or more of the following areas in security - Network security, Web, desktop and/or mobile application security, source code review, fuzzing and/or analysis, reverse engineering, exploit development and/or vulnerability research
- Familiarity of the attack lifecycle, and offensive security concepts in at least one of Red Team operations, Purple Team engagements, Vulnerability Research, and/or Exploitation
- Contributions to the security community (public research, blogging, presentations, bug bounty, tooling, etc.)
- Track record of participation in capture the flag (CTF) competitions
- OSCP certification, or equivalent
Responsibilities
- Perform security assessments consisting of vulnerability research and exploitation against both the unique systems and technologies used at Meta, as well as approved 3rd party software and vendors.
- Research, develop, and execute adversary TTPs across the range of the attack lifecycle.
- Provide threat-based guidance and education to the overall security organization through offensive security with audiences including business and technical leaders, and software engineers.
Other
- Must be in the process of obtaining a BS or MS in Computer Science or related field
- Must obtain work authorization in country of employment at the time of hire, and maintain ongoing work authorization during employment
- Intent to return to full-time degree program after completion of the internship
