Insider Threat Program Manager, Information Security

1 day ago

Singapore BYTEDANCE PTE. LTD. Full time
Roles & Responsibilities

About the Company

Founded in 2012, ByteDance's mission is to inspire creativity and enrich life. With a suite of more than a dozen products, including TikTok as well as platforms specific to the China market, including Toutiao, Douyin, and Xigua, ByteDance has made it easier and more fun for people to connect with, consume, and create content.


Why Join Us

Creation is the core of ByteDance's purpose. Our products are built to help imaginations thrive. This is doubly true of the teams that make our innovations possible.

Together, we inspire creativity and enrich life - a mission we aim towards achieving every day.

To us, every challenge, no matter how ambiguous, is an opportunity; to learn, to innovate, and to grow as one team. Status quo? Never. Courage? Always.

At ByteDance, we create together and grow together. That's how we drive impact - for ourselves, our company, and the users we serve.

Join us.


About the Team

The Internal Security Risk Management & Governance team is responsible for managing and mitigating information security risks posed within the organisation. To ensure that the company's risk management and governance strategies are up to date and aligned across the organisation, this team is responsible for working with stakeholders from cross-functional teams to perform regular risk assessments, designing and implementing risk mitigation controls. This team is also responsible for managing the optimization, operation, training, and data analysis of the internal threat platform and UEBA (User and Entity Behavior Analytics) and DLP (Data Loss Prevention) platforms within the company.


Responsibilities

- Develop and maintain the organization's insider risk security governance framework, including risk scenario mapping to controls, policies, procedures, and standards that align with industry best practices and regulatory requirements. Such framework must be sufficiently detailed to allow ease of execution with clarity in roles and responsibility amongst stakeholders.

- Communicate the insider threat governance framework to key stakeholders and build effective collaboration models with stakeholders with clear roles and responsibilities, transparent tracking of metrics and seamless management reporting.

- Conduct regular security risk assessments to identify risk trends, vulnerabilities and alert patterns, and work with relevant departments to develop mitigation and remediation strategies.

- Monitor and report on the effectiveness of security controls and the status of security risks to senior management. Communicate risk assessment and trend analysis findings, risks and gaps to both technical and non-technical program stakeholders.

- Coordinate with IT and business units to ensure insider threat security measures are integrated into technology projects and business processes.

- Identify and garner the support of internal and external stakeholders to collaborate on driving change, including risk remediation and leading parties involved to meet risk remediation objectives.

- Translate business and technology requirements into relevant insider threat rules for operational teams to implement

- Stay abreast of the latest security trends, threats, and technologies to continuously improve the organization's insider threat security posture.

- Conduct analysis of large complex datasets involving insider risks, track metrics and identify gaps and vulnerabilities

- Understanding emerging insider risks to build and improve proactive threat detection.


Minimum Qualifications

1. Bachelor's degree or above, with a preference for majors in Information Security, Computer Science, Information Technology, privacy, risk or a related field. Professional certifications such as CISSP, CISM, CRISC, or CGEIT are highly desirable.

2. Minimum of 5 years of work experience, with a preference for experience in DLP (Data Loss Prevention), UEBA (User and Entity Behavior Analytics), or security platforms-related work.

3. Experience with security risk assessment methodologies and tools.

4. Skilled in creating and maintaining risk registers, developing risk treatment plans, and effectively communicating risk posture to stakeholders at all levels of the organization.

5. Self-driven and results-oriented, enjoys challenging tasks, demonstrates enthusiasm for work, and can handle job pressures.

6. Excellent communication and interpersonal skills, with the ability to engage and influence stakeholders at all levels.

7. Proven ability to manage and prioritize multiple projects and tasks.


Preferred Qualifications

- Hands on in-house experience with designing, implementation and operation of commercial or in-house UBA/UEBA solutions (e.g., Splunk, Exabeam) are highly desirable

- Experience with threat modeling methodologies (e.g., STRIDE, PASTA) to analyze and assess security threats within software applications, systems, and networks.


ByteDance is committed to creating an inclusive space where employees are valued for their skills, experiences, and unique perspectives. Our platform connects people from across the globe and so does our workplace. At ByteDance, our mission is to inspire creativity and enrich life. To achieve that goal, we are committed to celebrating our diverse voices and to creating an environment that reflects the many communities we reach. We are passionate about this and hope you are too.


Tell employers what skills you have

Information Security
Security Governance
Remediation
Risk Assessment
Data Analysis
Treatment
ISO
Risk Management
Information Technology
ISO 27001
Trend Analysis
Regulatory Requirements
Loss Prevention
CISSP
Mapping
Threat Modeling

  • Insider threat lead

    4 weeks ago

    Singapore TikTok Full time

    Insider Threat Lead - Global Security OrganisationTik Tok is the leading destination for short-form mobile video. At Tik Tok, our mission is to inspire creativity and bring joy. Tik Tok's global headquarters are in Los Angeles and Singapore, and its offices include New York, London, Dublin, Paris, Berlin, Dubai, Jakarta, Seoul, and Tokyo. Why Join Us...

  • Insider threat lead

    1 month ago

    Singapore TikTok Full time

    Insider Threat Lead - Global Security Organisation Tik Tok is the leading destination for short-form mobile video. At Tik Tok, our mission is to inspire creativity and bring joy. Tik Tok's global headquarters are in Los Angeles and Singapore, and its offices include New York, London, Dublin, Paris, Berlin, Dubai, Jakarta, Seoul, and Tokyo. Why Join...

  • Information Security Analyst

    5 days ago

    Singapore ST ENGINEERING INFO-SECURITY PTE. LTD. Full time

    We are seeking highly motivated and dedicated Information Security Analysts to join our 24/7 Security Operations Center (SOC) at ST Engineering Info-Security Pte. Ltd.About the RoleThis is an exciting opportunity for individuals who want to kickstart their career in cybersecurity, with a focus on threat response and security event monitoring.Key...

  • Cybersecurity Analyst

    4 weeks ago

    Singapore 11112 Citibank, N.A. Singapore Full time

    DescriptionCiti is seeking a skilled Cybersecurity Analyst - Insider Threat to join our team in Singapore.Key Responsibilities:Investigate security incidents and perform incident response actions, including escalating to other support groups.Develop and implement insider threat monitoring use cases and review existing ones.Participate in conference calls and...

  • Enterprise Sales Professional

    1 week ago

    Singapore INSIDER SECURITY PTE. LTD. Full time

    Company OverviewInsider Security Pte. Ltd. is a leading provider of innovative cybersecurity solutions. Our mission is to protect organizations from the growing threat of insider threats.Job SummaryWe are seeking an experienced Enterprise Sales Professional to join our team. As a key member of our sales team, you will be responsible for driving revenue...

  • Information Security Threat Hunter

    1 week ago

    Singapore HYPERSCAL SOLUTIONS PTE. LTD. Full time

    We are seeking an experienced Information Security Threat Hunter to join our team at HyperScal Solutions PTE. LTD.Job Description:The primary responsibility of this role is to monitor and analyze security events in a timely manner, identifying potential threats and incidents that may impact the company's systems and data.This involves using various security...

  • Cybersecurity Enterprise Sales Strategist

    1 week ago

    Singapore INSIDER SECURITY PTE. LTD. Full time

    Job OverviewCybersecurity is a rapidly evolving field, and we are looking for an experienced sales professional to join our team as a Cybersecurity Enterprise Sales Strategist. In this role, you will be responsible for identifying new business opportunities and building relationships with key decision-makers in the enterprise software market.About the RoleWe...

  • Cybersecurity Threat Hunter and Forensics Specialist

    5 days ago

    Singapore ST ENGINEERING INFO-SECURITY PTE. LTD. Full time

    We are seeking a highly skilled and experienced Digital Forensics & Incident Response Specialist to join our cybersecurity team at ST Engineering Info-Security Pte. Ltd.This role requires hands-on technical expertise in analyzing security incidents, conducting proactive threat hunts, and investigating breaches.About the Role:Digital Forensics & Incident...

  • High-Risk Threat Investigator Cybersecurity Specialist

    1 month ago

    Singapore GIC Full time

    Cybersecurity Resilience Role OverviewGIC, one of the world's largest sovereign wealth funds, seeks a Cybersecurity Resilience Investigator to join its team. As a leading global long-term investor, we work at the point of impact for Singapore's financial future and the communities we invest in worldwide.Cybersecurity & Resilience (CSR) FunctionYou will be...

  • Project Delivery Manager

    1 week ago

    Singapore INSIDER SECURITY PTE. LTD. Full time

    Job SummaryWe are seeking an experienced Project Delivery Manager to join our team at INSIDER SECURITY PTE. LTD. in Singapore. As a key member of our project management team, you will be responsible for ensuring timely deployment and successful delivery of projects to our customers.

  • Information Security Specialist

    1 week ago

    Singapore ANTER RECRUITMENT PTE. LTD. Full time

    Job Title: Information Security Specialist - Threat Analysis and RemediationAbout the RoleWe are seeking a skilled Information Security Specialist to join our team at ANTER RECRUITMENT PTE. LTD. as an Information Security Specialist - Threat Analysis and Remediation.Key Responsibilities:Conduct regular vulnerability testing and risk assessments to identify...

  • Chief Information Security Officer

    4 weeks ago

    Singapore M1 Full time

    About M1M1 is a leading communications company in Singapore, providing mobile and fixed services to over two million customers. With a vision to enable digital services with an elastic Cloud-native and modular technology stack, we aim to offer hyper-personalized and predictive service experiences for both consumers and enterprises.Job OverviewWe are...

  • Digital Forensics and Threat Intelligence Specialist

    1 week ago

    Singapore ST ENGINEERING INFO-SECURITY PTE. LTD. Full time

    We are seeking a highly skilled Digital Forensics & Incident Response Specialist to join our cybersecurity team at ST Engineering Info-Security Pte. Ltd.About the RoleThis role requires hands-on technical expertise in analyzing security incidents, conducting proactive threat hunts, and investigating breaches.Key Responsibilities:Conduct comprehensive digital...

  • Information Security Threat Intelligence Engineer

    3 weeks ago

    Singapore TIKTOK PTE. LTD. Full time

    Job SummaryTikTok PTE. LTD., a leading short-form mobile video platform, seeks an experienced Information Security Threat Intelligence Engineer to join its Business Risk Integrated Control (BRIC) team.About UsTikTok is the leading destination for short-form mobile video, with a mission to inspire creativity and bring joy. Our global headquarters are in Los...

  • Digital Forensics and Threat Hunting Expert

    2 weeks ago

    Singapore St Engineering Info-security Pte. Ltd. Full time

    Job Title: Digital Forensics and Threat Hunting ExpertAbout the Role:We are seeking a highly skilled and experienced Digital Forensics & Incident Response Specialist to join our cybersecurity team in Jurong East. This role requires hands-on technical expertise in analyzing security incidents, conducting proactive threat hunts, and investigating...

  • Information Security Analyst

    4 days ago

    Singapore Secur Solutions Group Full time

    Overview of the Organization: Citi, the leading global bank, has approximately 200 million customer accounts and does business in more than 160 countries and jurisdictions. Citi provides consumers, corporations, governments, and institutions with a broad range of financial products and services, including consumer banking and credit, corporate and...

  • Information Security Threat Response Specialist

    1 week ago

    Singapore SPADE CONSULTING AND SERVICES PTE. LTD. Full time

    We are seeking a highly skilled Information Security Threat Response Specialist to join our team at SPADE CONSULTING AND SERVICES PTE. LTD.The successful candidate will be responsible for monitoring and analyzing security threats, responding to incidents, and implementing measures to prevent future attacks.Key Responsibilities:Maintaining the highest level...

  • Information Security Analyst

    6 days ago

    Singapore Citi Full time

    Overview of the Organization: Citi, the leading global bank, has approximately 200 million customer accounts and does business in more than 160 countries and jurisdictions. Citi provides consumers, corporations, governments, and institutions with a broad range of financial products and services, including consumer banking and credit, corporate and...

  • Information security manager

    1 month ago

    Singapore Quesscorp Singapore Pte Ltd Full time

    INFORMATION SECURITY MANAGER Salary: $11000-14000 Job Description: Developing and implementing security policies, procedures, and guidelines to ensure compliance with industry standards and regulations. Leading the design and implementation of security controls, including firewalls, intrusion detection systems, endpoint protection, and security information...

  • Information Security Specialist

    6 days ago

    Singapore TOSS-EX PTE. LTD. Full time

    At TOSS-EX PTE. LTD., we are seeking an experienced Information Security Specialist to join our team in the role of Threat Detection and Response. About the Role:We are looking for a highly skilled and motivated individual who can help us protect our digital assets from evolving threats. As an Information Security Specialist, you will be responsible for...