Red Team Engineer, Security Assurance

About the Company
Founded in 2012, ByteDance's mission is to inspire creativity and enrich life. With a suite of more than a dozen products, including TikTok as well as platforms specific to the China market, including Toutiao, Douyin, and Xigua, ByteDance has made it easier and more fun for people to connect with, consume, and create content.
Why Join Us
Creation is the core of ByteDance's purpose. Our products are built to help imaginations thrive. This is doubly true of the teams that make our innovations possible.
Together, we inspire creativity and enrich life - a mission we aim towards achieving every day.
To us, every challenge, no matter how ambiguous, is an opportunity; to learn, to innovate, and to grow as one team. Status quo? Never. Courage? Always.
At ByteDance, we create together and grow together. That's how we drive impact - for ourselves, our company, and the users we serve.
Join us.
About the Team
The team is missioned to build infrastructures, platforms and technologies, as well as to support cross-functional teams to protect our users, products and infrastructures. In this team, you'll have a unique opportunity to have first-hand exposure to the strategy of the company in key security initiatives, especially in building scalable and secure-by-design systems and solutions. Our challenges are not your regular day-to-day technical problems; you'll be part of a team that's developing new solutions to new challenges of a kind not previously addressed by big tech. It's working fast, at scale, and we're making a difference.
We are looking for talented individuals to join us in 2025. As a graduate, you will get unparalleled opportunities for you to kickstart your career, pursue bold ideas and explore limitless growth opportunities. Co-create a future driven by your inspiration with ByteDance.
Job Responsibilities
- Maintain a deep understanding of ByteDance Enterprise Products, how they work, and how they could be attacked or abused.
- Conducts security exercises that emulate real-world threats, TTPs that are most relevant to our organization.
- Translate requirements into test plan, write and execute test scripts or codes in line with standards and procedures to determine vulnerability to attacks.
- Write detailed reports covering the goals and outcomes of Red Team operations, including significant observations and recommendations.
- Collaborate across multiple defense/product teams to propose enhancements and improve current security offerings.

Minimum Qualifications
- Final year or recent graduates with a background in Computer Science, Computer Engineering, Information Systems or other STEM disciplines.

**Strong knowledge in some of these various disciplines**: red team operations, infrastructure security, MITRE, TTPs.
- An adversarial mindset to emulate a real-world attacker.
- Excellent and professional communication skills (written and verbal) with an ability to articulate complex topics in a clear and concise manner.

Preferred Requirements
- Red Team Experience in an enterprise environment.
- CTF players, live competitions and hacking events experience.
- CVEs (excluding vulnerabilities such as XSS, CSRF in random CMS) are preferred.
- BugBounty experience with reputable statistics in HackerOne, BugCrowd etc.

ByteDance is committed to creating an inclusive space where employees are valued for their skills, experiences, and unique perspectives. Our platform connects people from across the globe and so does our workplace. At ByteDance, our mission is to inspire creativity and enrich life. To achieve that goal, we are committed to celebrating our diverse voices and to creating an environment that reflects the many communities we reach. We are passionate about this and hope you are too.