Security Engineer, Wearables (Reality Labs)

Job Title

Security Engineer, Wearables (RL)

Role Summary

The Reality Labs Trust Security team secures Meta's wearable and XR devices across manufacturing, provisioning, and operational lifecycle. This role owns technical direction for device security spanning cryptographic provisioning, vulnerability management, manufacturing security, and regulatory compliance.

Work spans hardware cryptography, on-device firmware, backend infrastructure, and AI-driven automation to support secure device bring-up, distribution, and end-of-life patching.

Experience Level

Senior — requires significant experience; the posting specifies 10+ years of relevant security experience.

Responsibilities

Own and deliver the technical strategy and roadmaps to secure wearable devices through manufacturing and product lifecycle.

• Define and implement cryptographic device provisioning at factory sites and ensure only authorized devices access Meta services.
• Architect AI-native automation for vulnerability management covering detection, triage, and remediation across large multi-party codebases and third-party dependencies.
• Design SBOM generation and end-to-end vulnerability lifecycle tooling to meet regulatory requirements (e.g., FDA pre-market cybersecurity guidance, EU compliance).
• Lead platform-level security improvements including cryptographic identity infrastructure modernization and DRM provisioning upgrades.
• Secure manufacturing infrastructure via threat modeling, cloud/infrastructure hardening, controls definition, and detection/monitoring pipelines for factory environments.
• Collaborate with cross-functional teams and contract manufacturers to align on security trade-offs and risk acceptance for device provisioning models.
• Provide program status, prioritize resources, and drive cross-functional delivery in a changing business environment.
• Implement and review security controls across firmware, backend services, and supporting toolchains in multiple languages and stacks.

Requirements

Must-have technical and programmatic qualifications.

• 10+ years experience addressing security issues in software development, common bug patterns, and web-related security concerns.
• Proven experience leading and managing complex cross-functional security programs and communicating status to leadership.
• Practical experience with vulnerability exploitation techniques, remediation frameworks, threat modeling, threat detection, and incident handling.
• Experience with infrastructure hardening and cloud security (e.g., AWS).
• Hands-on experience building or integrating tooling for vulnerability lifecycle, SBOMs, code signing, secure boot, or device attestation is strongly preferred.
• Nice-to-have: software development to enable security processes; experience with Rust, C, C++, Python; cryptographic key management/HSMs; DRM and device identity infrastructures; familiarity with regulatory compliance workflows.
• Nice-to-have: experience applying AI tools for automation (prompt/agent engineering, agent orchestration) and integrating responsible AI practices into security workflows.

Education Requirements

B.S. or M.S. in Computer Science, Engineering, or a related technical discipline, or equivalent practical experience.

About the Company

Company: Meta Platforms

Headquarters: Menlo Park, California, United States

American technology company that develops social networking products (Facebook, Instagram, WhatsApp) and invests in virtual/augmented reality hardware and software through Reality Labs, focusing on connectivity, advertising, and immersive computing experiences.