What is required to work in Cyber Security Jobs at Facebook?

Dream of working at Facebook, Google, Microsoft, LinkedIn, or any of the Fortune 500 companies?

That was the topic of the third webinar in our “What is required to work in cyber security jobs” series, named “What is required to work in cyber security jobs at Facebook?”. This week we hosted Ibrahim Mosaad, Product Security Engineer at Facebook. Mosaad discussed with CyberTalents what skills you should have and what type of talent those companies are searching for.

What are the required skills?

“Those types of companies need to hire the best of the best in every position. Nearly every employee or engineer in Facebook serves 1 million users. That's why you need to have a wide skill set in many cyber security topics and in-depth skills in one of the topics,” said Mosaad, Product Security Engineer, Facebook.

 

“As a product security engineer, I work on assessing the security issues of Facebook products, provide guidance, recommendations and fixes products on different channels,” Mosaad added. Some of the fields that Mosaad works on are:

 

Web security: This covers websites like www.facebook.com and www.instagram.com, and also the backend of mobile apps.

Mobile security: This covers the Facebook, Instagram, FB Messenger and WhatsApp mobile applications, and others.

Native security: This covers code written in C or C++, chosen for performance or for any other reason.

Coding skills and security mindset: These skills are needed whichever domain you work in.

 

Mosaad mentioned that you don’t need to master all of the above skills to get a cyber security job at Facebook. Of the first three skills, you need to master at least one and have strong knowledge of the other two. As for coding skills, you are not a developer, but you need to be able to express your ideas in code or even automate some of your work.

How did CTFs help you?

Capture the flag competitions are a means, not a goal. You should balance your time between CTFs, coding and problem solving. Give 33% of your time to coding and problem solving, and the rest to solving CTFs.

What are the different Cyber Security Jobs at Facebook?

Facebook has many cyber security jobs, such as product security, threat detection, malware analysis and many others. I suggest that all talents check the Facebook Careers page.

Facebook Hiring Process:

The Facebook interview process is a multistage process, summarized below:

Send your CV through the Facebook Careers page. This is the first filter, where the interviewers decide whether you deserve to move to the next step or not.

Phone interview: This is a call of around 30 minutes, mainly discussing the points mentioned in your CV.

On-site interviews: This is a series of interviews, four on average, covering different aspects, both technical and/or problem-solving skills and others.

 

“The interviewer needs to see your contributions in the cyber security community. That's very important. Did you participate in CTFs? Do you make writeups for CTF challenges? Do you speak in cyber security conferences regularly? Did you work in any cyber security research before?” said Mosaad.



Learning Resources

1- Books

Web security

The Tangled Web

Web Hacking 101

The Web Application Hacker’s Handbook

The Browser Hacker’s Handbook

SQL Injection Attacks and Defense

XSS Exploits Cross Site Scripting Attacks and Defense

Mobile security

Android Hacker’s Handbook

iOS Hacker’s Handbook

Android Security Internals

iOS Application Security

The Mobile Application Hacker’s Handbook

Hacking and Securing iOS Applications

Native Security

Secure Coding in C and C++

Effective Modern C++

Hacking: The Art of Exploitation

The CERT C Coding Standard

The Art of Software Security Assessment

2- Conferences

Conferences are one of the best sources of knowledge. You don’t have to attend every event, but you should certainly listen to most of the sessions. All conferences release videos of their talks a few months after they end. Some of the conferences whose talks you must see are DEF CON, Black Hat, Enigma Conference organized by Google, CanSecWest, Cairo Security Camp, and AppSec USA and Europe.

3- Competitions/Exercises – Security

Participating in capture the flag competitions is very important. It will help all talents sharpen their skills in cybersecurity. Below are some of the best CTFs that you can join:

Codegate, CSAW, ASIS CTF, Nuit du Hack

There are also some platforms that you can use for practice, such as:

OverTheWire, CyberTalents, Pentestit.ru, Root Me, VulnHub, Pwnable.kr



