The Director of Security, Enterprise Engineering will be responsible for protecting Facebook against the variety of threats to Facebook's internal systems, corporate infrastructure and business applications. Working in close partnership with Facebook’s Information Security organization, you will take a leadership role with the challenge of driving IT security for a company that prides itself on its ability to move fast. You will work closely with key internal partners and build strong cross-functional relationships as you partner to solve security issues for Facebook's corporate environment. You will design security capabilities and a roadmap aligned to Facebook’s culture and accordingly build a high-performing security team that is bold, innovative, and technically skilled. This role will report directly to Facebook’s CIO and work in close partnership with the CISO.
Proactively identify security capability gaps/needs for Facebook’s corporate systems, infrastructure and business applications. Build a security capabilities roadmap in partnership with the security organization and cross functional stakeholders
Collaborate with stakeholders and drive security competency for Facebook’s IT
Provide design suggestions and reviews for enterprise engineering to ensure security is design-in across enterprise applications, systems, and infrastructure
Develop and maintain security control frameworks/guidelines to ensure consistent application of technical security controls for all corporate infrastructure and IT systems
Build and lead a team of security engineers researching, developing, and supporting IT security capabilities, especially those dealing with endpoint, mobile, and corporate infrastructure services (e.g. database, email, cloud services, directory services) and security services for all our internal systems and business applications
Partner with leaders across the company to ensure that corporate information security efforts receive appropriate prioritization and resources
Develop and maintain metrics to measure Facebook's security posture within the corporate environment
Regularly provide the CISO, CIO and CFO with useful measurements of corporate security risks and an action plan to mitigate
Minimum Qualifications
10+ years leadership experience in security product development or security leadership experience in organizations with a global footprint
Hands on security technical skills across the technology stack, including applications, host, and network
Hacker mentality with ability to innovate and co-design security solutions beyond vendor limitations
Demonstrated ability to build cross-functional partnership and enable virtual teams across organizational boundaries
BS/MS in Computer Science or related field or equivalent experience
Experience in attracting, developing, retaining and leading a team
Must be able to develop and communicate information security strategies and architectures
Demonstrated experience developing, evangelizing, and managing a security vision in partnership with end-users and key stakeholders throughout the organization
Preferred Qualifications
Ability to deal with ambiguity and adapt continuously in a complex matrixed environment
Demonstrated ability in building solutions for an organizational culture such as Facebook’s
Knowledge of attacker life-cycles and strategies to inhibit attacker activity
Demonstrated experience developing, evangelizing, and managing a security vision in partnership with end-users and key stakeholders throughout the organization
Familiarity with control frameworks such as ISO 27001/2, NIST Cybersecurity Framework, and Center for Internet Security Controls for Effective Cyber Defense
Send To A Friend
Posts
