Job OverviewThird Party Product Security AuditorAbout the RoleThe Third Party Product Security Auditor is responsible for leading security programs with Contract Manufacturing (CM), Research and Development (R&D), and Original Design Manufacturer (ODM) partners who build innovative consumer electronics hardware. This role ensures the secrecy and security of Meta's intellectual property at production sites and third-party locations. The auditor will develop, implement, and validate security program best practices, assess third parties' security posture, and reduce risks in hardware production environments. This position requires building strategic relationships with internal teams and external vendors to develop long-term risk mitigation strategies.
Responsibilities- Support third-party CM/R&D/ODM vendor manufacturing site activities, including production area, warehouse, and infrastructure security programs
- Provide guidance on best-in-class intellectual property protection programs for confidential projects
- Conduct ongoing onsite and virtual assessments of Meta contract manufacturing sites to identify physical security vulnerabilities
- Manage the onsite assessment and audit process, including documentation verification and validation of procedures or physical security controls provided by suppliers
- Apply auditing principles, analyze records, prepare reports, and recommend improvements in alignment with ISO 19011
- Facilitate communication between management, audit participants, and third parties, including conducting opening and closing meetings
- Oversee GPS Audit Management System alignment to CTPAT & TAPA criteria and integration into the company's Third Party Oversight & Management initiative
- Assist with creating, distributing, and maintaining the end-to-end audit management system and program to ensure customer requirements are met
- Monitor third-party adherence to supplier contracts, the physical security addendum, and customer requests
- Oversee programs from product conception through downcycling, supporting development teams in protecting projects and keeping them moving forward
- Develop and maintain standards, risk management approaches, and internal checks and balances
- Maximize partnerships with internal teams (Operations, Hardware Engineering, Legal, Security) and external cross-functional and third-party vendor teams
- Coordinate and facilitate meetings with internal and external partners; conduct project planning and execution
- Connect gaps observed across cross-functional teams to drive resolution
- Maintain confidentiality of all audit information related to third-party suppliers
- Travel extensively in NORAM and other regions as business needs require
Minimum Requirements- Bachelor's degree in Security Management, Criminal Justice, Engineering, Supply Chain Management, or a related field (or equivalent experience)
- 5+ years of experience in physical security, supply chain security, or security auditing within manufacturing or hardware production environments
- Professional knowledge of information security practices in manufacturing environments, including PCBA and silicon fabrication processes
- Demonstrated experience conducting security audits and assessments against industry frameworks (e.g., CTPAT, TAPA, ISO 19011)
- Experience developing and implementing security programs for third-party or contract manufacturing partners
- Strong understanding of intellectual property protection in hardware development and production settings
- Ability to travel extensively (domestic and international)
- Strong written and verbal communication skills, with the ability to produce clear audit reports and present findings to diverse stakeholders
- Proven ability to manage cross-functional relationships and influence without direct authority
Preferred Qualifications- Certified Protection Professional (CPP) or Physical Security Professional (PSP) certification through ASIS International
- CTPAT (Customs-Trade Partnership Against Terrorism) certification or validated knowledge of CTPAT requirements
- TAPA (Transported Asset Protection Association) certification (FSR, TSR, or PSR)
- ISO 19011 Lead Auditor certification or formal auditor training
- Experience working in or auditing consumer electronics, semiconductor, or hardware manufacturing environments
- Familiarity with silicon fabrication, PCBA assembly, and hardware prototype security protocols
- Prior experience managing security programs for large-scale, multi-site contract manufacturing operations
- Experience with audit management systems and security program lifecycle management tools
- Working knowledge of supply chain risk management frameworks
- Multilingual capability (e.g., Mandarin, Vietnamese, Spanish) given international travel requirements
- Prior experience in a corporate security or global protective services role at a technology company
- Project Management Professional (PMP) or equivalent project management certification
CompensationEstimated Pay Range: $106400.00 - $115,600.00 USD/yr
Exact compensation and offers of employment are dependent on circumstances of each case and will be determined based on job-related knowledge, skills, experience, licenses or certifications, and location.
