Summary:

Meta’s Offensive Security Group is looking for an Offensive Security Engineer Intern that can execute tactical, offensive assessments across our environments. You will work with one of the best offensive security teams in the world, making sure that the data we are trusted to protect is secured to the highest standard. Our objective is to preempt the adversary in attacking Meta, and make the company, its users, and its employees safer and more secure.The ideal candidate will have a persistent curiosity to understand not only how something works on a deep, technical level, but also how it can be used for unintended purposes as an attacker. This position will begin in Summer 2025 and offers a plethora of technically intriguing security challenges. Self starters and those with a strong passion for the security field are encouraged to apply!

Required Skills:

Offensive Security Engineer Intern Responsibilities:

1. Perform security assessments consisting of vulnerability research and exploitation against both the unique systems and technologies used at Meta, as well as approved 3rd party software and vendors.

2. Research, develop, and execute adversary TTPs across the range of the attack lifecycle.

3. Provide threat-based guidance and education to the overall security organization through offensive security

4. with audiences including business and technical leaders, and software engineers.

Minimum Qualifications:

Minimum Qualifications:

5. Must be in the process of obtaining a BS or MS in Computer Science or related field

6. Must obtain work authorization in country of employment at the time of hire, and maintain ongoing work authorization during employment

7. Experience in high level scripting, coding or visualization.

8. Experience with exploiting common security vulnerabilities and bypassing security controls.

9. Familiarity in one or more of the following areas in security - Network security, Web, desktop and/or mobile application security, source code review, fuzzing and/or analysis, reverse engineering, exploit development and/or vulnerability research.

10. Familiarity of the attack lifecycle, and offensive security concepts in at least one of Red Team operations, Purple Team engagements, Vulnerability Research, and/or Exploitation

Preferred Qualifications:

Preferred Qualifications:

11. Intent to return to full-time degree program after completion of the internship.

12. Contributions to the security community (public research, blogging, presentations, bug bounty, tooling, etc.)

13. Track record of participation in capture the flag (CTF) competitions.

14. OSCP certification, or equivalent.

Public Compensation:

$error/year to $error/year + benefits We apologize for the inconvenience, please be patient as we work to correct the issue.

Industry: Internet

Equal Opportunity:

Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment.

Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.