Security Engineer Intern, Identity & Access Management

Requirements

• Currently enrolled in a full-time, degree-seeking program and in the process of obtaining a Bachelors or Masters degree in computer science or a related field
• Experience coding in an industry-standard language (e.g. Python, C++, PHP, Java)
• Interest in assessing security deficiencies in first-party/internal information systems and recommending mitigating controls
• Interest in evaluating systems architectural designs, data-flow diagrams and technical security implementations, particularly in context of access management in different geographical locations
• Interest in developing security reporting and recommendations that are meaningful, defensible and actionable
• Ability to manage competing priorities and simultaneous projects in a fast-paced environment
• Strong communication skills: both written and verbal, interpersonal skills, and ability to work cross-functionally with various teams
• Must obtain work authorization in the country of employment at the time of hire and maintain ongoing work authorization during employment

What You'll Be Doing

• Design and implement systems that enhance the security of Meta’s Identity & Access Management Systems
• Develop scripts using a range of programming languages, including but not limited to Python/C++ and PHP/Hack
• Write performance-optimized queries for large data sets
• Conduct design and code reviews
• Identify and drive changes as needed for assigned codebase, product area, and/or systems
• Collaborate and coordinate project efforts with cross-functional teams to ensure seamless execution
• Articulate security findings to internal to a variety of stakeholders, including both technical and non-technical stakeholders
• Research and provide recommendations on technical, physical, and administrative controls based on the security findings
• Participate in the development and oversight of corrective actions relating to security issues
• Participate in cross-functional, team, and status review meetings

Nice to Haves

• Contributions to the security community (public research, blogging, presentations, etc)
• Participation in capture the flag competitions, cybersecurity hackathons, bug bounty programs, or similar
• Program and project management skills
• Knowledge or understanding of compliance, SOX, SOC2, NIST, PCI, ISO, and other security regulations
• Strong analytical and problem-solving skills, including a basic understanding of data analysis techniques
• Intent to return to a full-time degree program after completion of the internship