Security Policy Manager

The Meta Security Policy team is dedicated to identifying, tracking, and countering adversarial threat actors that seek to use our platforms to mislead users or cause harm. This work includes understanding the risks we face, crafting policies that govern acceptable use of our platforms, working across our family of apps and services to build detection and enforcement regimes to counter threats and keep people safe, and working with partners in government, civil society, and across industry to help drive whole-of-society responses to protect victim communities and tackle security threats. This role will work cross-functionally with partners in policy, integrity, legal, product, and investigative teams to analyze adversarial behavior and adaptation and measure our effectiveness in countering it. This role will work to identify and resolve key gaps in our policies and technical controls that are exploited in pursuit of frauds and scams, inauthentic behavior, and other adversarial, abusive actions, and coordinate with local and global policy teams to support engagements with regulators, researchers, and industry partners to share information and build partnerships in support of our work.


Work with policy, legal, investigative, and product teams to analyze emerging policy, active regulations, litigation, and public concerns related to adversarial behavior Partner with global product organizations and data science teams to creatively and strategically design systems to measure controls and mitigation efforts of adversarial risks Provide analysis of existing controls’ effectiveness and work with internal partners to design and evaluate new metrics for understanding the risks facing our users and systems Partner with policy, legal, operational, and product teams to resolve key gaps in our policies and technical controls that are exploited in pursuit of frauds and scams, inauthentic behavior, and other adversarial, abusive actions Support policy, marketing, communications, legal, and partnerships teams as a security subject matter experts, working to respond to regulatory inquiries, advance our strategic partnerships with governments, and improve our relationships with regulators, industry partners, researchers, and users


10+ years of experience working directly in cybersecurity, data science, or public policy Experience communicating complex technical/security issues to non-technical audiences, including engaging with policymakers on technology policy issues Proficient in statistical analysis and experimental design Demonstrated background working between technical and non-technical teams Understanding of the global cybersecurity standards and regulatory environment Understanding of current threats and trends in cybersecurity and in cybersecurity legislation Experience working in an environment without much to identify and prioritize goals Advanced degree or equivalent experience in information security or cybersecurity Experience presenting, consensus building, and making policy recommendations Experience interpreting data, developing metrics, drawing conclusions, recommending actions, and reporting results across stakeholders, leveraging Python, R, or similar languages, and/or working with visualization tools such as Tableau Experience with advanced SQL in big data environments (e.g., Hive, Presto, Spark) and data modeling Experience in identification, assessment, and disruption of malicious actors