SOC Lead

**About ByteDance**

Founded in 2012, ByteDance's mission is to inspire creativity and enrich life. With a suite of more than a dozen products, including TikTok, Helo, and Resso, as well as platforms specific to the China market, including Toutiao, Douyin, and Xigua, ByteDance has made it easier and more fun for people to connect with, consume, and create content.

**Why Join Us**

At ByteDance, our people are humble, intelligent, compassionate and creative. We create to inspire - for you, for us, and for millions of users across all of our products. We lead with curiosity and aim for the highest, never shying away from taking calculated risks and embracing ambiguity as it comes. Here, the opportunities are limitless for those who dare to pursue bold ideas that exist just beyond the boundary of possibility. Join us and make impact happen with a career at ByteDance.

**About the Team**

The infrastructure team supports the company's fast growth by building and operating hyperscale datacenters, managing the life cycle of server fleet, providing cloud solutions, and developing various infrastructure services and making sure they are scalable and are reliable.

**Responsibilities**
- Hire and develop SOC talent including FTEs and contracting vendor services
- Provide leadership to Security Operations Center Analysts and oversee daily activities
- Provide regular training sessions and mentorship opportunities to facilitate knowledge-sharing within the team.
- Drive the implementation of the Global SOC capabilities
- Mature the security monitoring and incident response/management framework of cyber and physical security events in a highly available Security Operation Center (SOC) that supports internal and external customers
- Establish and implement policies and procedures aligned to industry standards
- Establish performance goals and program priorities
- Partner with Physical Security, DC Engineering and Operations, and DC Development teams
- Monitor and analyze logs, events, and alerts to identify security issues for remediation and investigate events and incidents
- Optimize and improve the incident response times
- Enhance threat detection capabilities; proactive “threat hunting” to detect incidents
- Tune rules and thresholds to improve fidelity of alerts
- Prepare reports of analysis and results to provide briefings to management and stakeholders
- Provide Incident Response support when analysis confirms actionable incident
- Investigate, document, and report on information security issues and emerging trends.

**Qualifications**
- Experience as a Senior Security Analyst or Infrastructure Engineering/Operations leading a team
- Experience with Security Operations Center, network event analysis and/or threat analysis
- Knowledge of various security methodologies and technical security solutions
- Experience analyzing data from cybersecurity monitoring tools
- Experience tuning and/or configuring SIEM and vulnerability tools
- Scripting experience in Linux or PowerShell preferred
- Bachelor’s degree in Computer Science, Information Technology or equivalent experience.

**Basic Qualifications**
- 5 years+ experience in command center, service center, or similar 24x7 operations center environment
- Ability to quickly triage multiple incidents and assign the right priority based on risk and confidence levels
- Ability to motivate the team to drive maximum performance and output
- Identify opportunities for training and improvement for team's career growth
- Working knowledge of technical elements associated with security systems such as IP networks, servers, LAN/WAN
- Outstanding verbal and written communication skills required, work with mínimal direction, meeting goals, attention to details and an eye for continuous improvements
- Ability to successfully interact at all levels of the organization, including with clients, while functioning as a team player required
- Working knowledge of data protection policies such as GDPR and the need to keep sensitive information secure
- Willingness to work flexible schedules/shifts/areas, including weekends, nights, and holidays, on-call as needed

**Preferred Qualifications**
- Works well under pressure and within time/budget constraints to solve problems and complete security deliverables
- Experience with Lenel, Avigilon, SOAR, SAOS, Grafana, systems is a plus
- Working knowledge and/or certifications in: Genetec, AMAG, Software House, Hirsch, S2 and other ACS, VMS, IDS and CCTV system is a plus

ByteDance is committed to creating an inclusive space where employees are valued for their skills, experiences, and unique perspectives. Our platform connects people from across the globe and so does our workplace. At ByteDance, our mission is to inspire creativity and enrich life. To achieve that goal, we are committed to celebrating our diverse voices and to creating an environment that reflects the many communities we reach. We are passionate about this and hope yo