Security Analyst, Whitehat

Facebook's bug bounty program is seeking a skilled and motivated security analyst to help us secure close to 3 billion users You will be responsible for communicating with and validating security vulnerabilities from a community of security researchers around the globe. You will gain insights of Meta's codebase to understand the root cause of each vulnerability, and have the opportunity to play a key role in one of the largest bug bounty programs in the world.

Security Analyst, Whitehat Responsibilities:

• Analyze, assess, and respond to various security vulnerabilities we receive as part of our Whitehat program.
• Follow up with researchers on unclear reports.
• Understand the root cause of security vulnerabilities to help the product team fix them.
• Play an active role in continuing to grow and develop the bug bounty program and other internal security and privacy initiatives.
• Own expansions to the program, including private programs.
• Own critical submissions to resolution - liaise a plan with product teams, advise on the right mitigation strategy.
• Implement bug fixes and feature enhancements to the program's public and internal code base.

Minimum Qualifications:

• Good communication skills.
• Familiarity with web security issues (e.g. OWASP top 10).
• Ability to follow bug reports, reproduce and triage them.

Preferred Qualifications:

• Experience writing in scripting languages and willingness to learn new languages.
• Participation in bug bounty programs (not necessarily Facebook's bug bounty program).
• 2+ years of experience analyzing source code to find security vulnerabilities.
• Contributions to the security community (public research, blogging, presentations, etc).