Summary:

Meta's Integrity, Security, Support & Operations Global Risk and Compliance (ISSO GRC) serves as the primary hub for risk management and compliance across the company, providing support to Meta and its family of apps. Within ISSO GRC, the European Security Office (ESO) is specifically tasked with supporting Meta Platforms Ireland Ltd and WhatsApp Ireland Ltd. The ESO operates a security and oversight function to ensure the compliant processing of European User data.At Meta, we understand the significance of security, data protection, and privacy for the billions of people who use our services. We are committed to ensuring compliance with applicable laws and regulations such as the General Data Protection Regulation (GDPR), the European Electronic Communications Code (EECC), the Network and Information Security Directive (NIS2), and others.We are currently seeking highly experienced and motivated information security professionals to join our ESO Security Team. This role is critical in driving change and ensuring compliance with these and other obligations. As part of this role, you will collaborate closely with engineers, analysts, technical program managers, business stakeholders, legal teams, and risk & compliance teams across the Meta organization.The ideal candidate for this position is someone with a comprehensive understanding of various aspects of information security and the ability to apply this knowledge to solve problems at scale. This role demands a blend of business and technical acumen, excellent communication skills, and a strong desire to learn.Our goal is to make Meta the premier place to work for governance, risk, compliance, security, and integrity professionals.

Required Skills:

EU Security Specialist Responsibilities:

1. Collaborate with team members and stakeholders to understand or identify defined work problems and program goals, obtain prioritized deliverables, and discuss program impact.

2. Prioritize program goals, understand and translate other stakeholders’ needs into program goals and prioritized deliverables with minimal assistance, and contribute to decisions on prioritizing goals and deliverables.

3. Define the scope of projects and develop, execute, and/or manage project plans for supported program(s)

4. Review key metrics pertaining to the program, monitor potential metric deviations, and define corrective actions for critical deviations.

5. Identify, communicate, and collaborate with relevant stakeholders within one or more teams to drive impact and work toward mutual goals.

6. Develop detailed program/project plans in partnership with “areas of common concern” within ISSO GRC.

Minimum Qualifications:

Minimum Qualifications:

7. 6+ years of experience in information security, cybersecurity, transparency reporting, integrity, and/or technology risk including one or more domains (e.g., access management, vulnerability management, change management, business continuity, application security, asset management).

8. Experience in at least two cybersecurity domains, for example Identity and Access Management, Vulnerability Management, Threat Identification, Incident Detection & Response, etc.

9. Experience in designing and implementing control frameworks

10. Experience in assessing security deficiencies in information systems and recommending mitigating controls in a corporate environment

11. Familiarity with compliance frameworks and regulatory requirements such as NIST, ISO-27001, ISO27018, SOC2, GDPR, EECC, eDP, NIS2, and other relevant structures.

Preferred Qualifications:

Preferred Qualifications:

12. Industry qualification (CISSP/CISM/CRISC/CISA or similar)

Industry: Internet