Security Policy Manager

We are looking for a experienced staff member to support our global team. This role will work with partners in policy, integrity, legal, and investigative teams to identify and resolve key gaps in our policies and technical controls that are exploited in pursuit of frauds and scams, inauthentic behavior, and other adversarial, abusive actions. This role will involve analyzing regulatory requirements and adversarial behavior, and coordinating with local and global policy teams to support engagements with regulators, researchers, and industry partners to share information and build partnerships in support of our work.

Security Policy Manager Responsibilities:

• Work with policy, legal, investigative, and product teams to analyze emerging policy, active regulations, litigation, and public concerns related to adversarial behavior. Partner with global product organizations to support the design of systems to control and mitigate those risks - including identity verification systems.
• Review adversarial behaviors and trends of abuse across APAC markets and user communities, and help investigators, policy teams, and product organizations better understand the tactics used in a variety of harms and abuses, including scams, frauds, inauthentic behavior, spam, etc.
• Partner with policy, marketing, communications, legal, and partnerships teams as a security subject matter expert, working to respond to regulatory inquiries, advance our strategic partnerships with governments, and improve our relationships with regulators, industry partners, researchers, and users.
• Provide analysis of existing controls’ effectiveness and work with internal partners to design and evaluate new metrics for understanding the risks facing our users and systems.
  
  

Minimum Qualifications:

• Master’s degree in Computer Science, a law degree, or equivalent experience.
• 8+ years of relevant cybersecurity and policy experience
• Experience in information security at technology companies and/or in government
• Demonstrated experience working between technical and non-technical teams
• Experience communicating complex technical/security issues to non-technical audiences
• Understanding of the global cybersecurity standards and regulatory environment
• Understanding of current threats and trends in cybersecurity and in cybersecurity legislation
• Experience working in a dynamic environment and influence outcomes
• Experience operating independently and in ambiguity
  
  

Preferred Qualifications:

• Background in security technologies, standards, and regulations, to include those related to payments services and/or identity verification.
• Experience in identification, assessment, and disruption of malicious actors
• Advanced degree or equivalent experience in information security or cybersecurity
• Experience operating in developing nations
  
  

About Meta:

Meta builds technologies that help people connect, find communities, and grow businesses. When Facebook launched in 2004, it changed the way people connect. Apps like Messenger, Instagram and WhatsApp further empowered billions around the world. Now, Meta is moving beyond 2D screens toward immersive experiences like augmented and virtual reality to help build the next evolution in social technology. People who choose to build their careers by building with us at Meta help shape a future that will take us beyond what digital connection makes possible today—beyond the constraints of screens, the limits of distance, and even the rules of physics.

Individual compensation is determined by skills, qualifications, experience, and location. Compensation details listed in this posting reflect the base hourly rate, monthly rate, or annual salary only, and do not include bonus, equity or sales incentives, if applicable. In addition to base compensation, Meta offers benefits. Learn more about benefits at Meta.