Meta’s Product Security team focuses on detection, prevention, and mitigation of risk that is inherent in building software -- whether that means vulnerability research or building software. Product Security Engineers provide guidance and tooling to engineering and product teams that help minimize the security and privacy risk for over 3 billion of our users.

The Role

The scale, diversity, and importance of the products we secure is an inspiring mission -- come help us make life hard for the bad guys! Meta’s Product Security team is hiring security interns focused in several areas: Web Security: focused on securing web applications/APIs and ensuring we have robust architectural browser protections. Web Security Engineers on Product Security team work on a wide range of projects in PHP, Python, Perl, Ruby, etc. Mobile Security: focused on securing an ecosystem of mobile applications and platform security for Android (Java, Kotlin) and iOS (Swift, Objective-C), including custom hardware devices. Native Security: focused on lower level systems which are closer to the hardware and physical components of computers. Native Security Engineers on Product Security team work on a wide range of projects in the C/C++/Rust space.

These engineering roles will partner closely with the following teams: Secure Application Frameworks: a team focused on building libraries, frameworks, and platforms that enable developers to write secure software and enable security engineers to perform automated analysis at scale. Program Analysis: teams of software engineers who build static and dynamic analysis tools to detect and prevent security and privacy issues at scale Product Teams: various teams across engineering that are focused on building services but need security guidance in order to build secure applications. I

f you’re passionate about security and helping secure products that billions of people use and trust, come join us at Meta!

Security Engineer Intern, Product Responsibilities

  • Security Reviews: perform manual design and implementation reviews of products and services that make up the Meta ecosystem, like Instagram, WhatsApp, Oculus, Portal, and more.
  • Developer Guidance: provide guidance and education to developers that help prevent the authoring of vulnerabilities.
  • Automated Analysis and Secure Frameworks: build automation (static and dynamic analysis) and frameworks with software engineers that enable Meta to scale consistently across all of our products.
  • Research, develop, and apply mitigations to products so that vulnerabilities cannot be turned into exploits

Minimum Qualifications

  • Currently enrolled in a full-time, degree-seeking program and in the process of obtaining a Bachelors or Masters degree in computer science or a related field
  • Experience with exploiting common security vulnerabilities.
  • Experience finding vulnerabilities in interpreted languages (C, C++, php, ruby, python). Knowledge of secure code development.
  • Proven project management and execution skills
  • Self-motivated and proactive, with ability to identify key areas of focus and take initiative to drive results
  • Strong communication and collaboration skills
  • Must obtain work authorization in the country of employment at the time of hire and maintain ongoing work authorization during employment.

Preferred Qualifications

  • Intent to return to full-time degree program after completion of the internship
  • Experience with exploiting common security vulnerabilities
  • Experience writing software that enables security processes
  • Contributions to the security community (public research, blogging, presentation, open source, etc.)