Senior Security Specialist

Overview

As a senior security researcher, you will be a member of TikTok’s enterprise Threat Detection and Response team. The Threat Detection and Response team is responsible for 24x7 monitoring of multiple security-related information sources to manage incidents related to cyber, privacy, and data protection for TikTok data, infrastructure, and products. The team regularly surveys TikTok's networks for signs of a breach, malware, or unauthorized access, and develops and maintains incident response plans, playbooks, and procedures. The team is responsible for data collection and analysis of Incident Response data.

• Ability to serve as an incident commander during a cybersecurity incident and run bridges between cross-functional stakeholders, effectively managing and overseeing the entire incident response lifecycle from detection to resolution.
• Perform technical analysis and assessments of cybersecurity-related incidents, including malware analysis, packet-level analysis, and system-level forensic analysis.
• Lead cross-functional projects to improve our capabilities to effectively detect and respond to security incidents.
• Mentor and guide TDR junior security engineers to grow their incident response skills.
• Develop incident response plans and procedures, including identification, remediation, containment, and eradication procedures.
• Synthesize technical details of critical incidents to executive management and provide immediate containment and eradication recommendations.
• Support the onboarding of new products, data, processes, or tools by identifying requirements and integrating them into operations (processes, playbooks, and training).
• Work with the Detection Engineering team to create custom rulesets to detect and hunt for advanced threat actor tactics, techniques, and procedures (TTPs).
• This position is part of a 24x7x365 operation and may require shift and/or on-call work.

Minimum Qualifications

• 3-5 years of directly related experience in computer security incident handling
• Strong experience with various OS systems: Linux, MacOS and Windows
• Experience with SIEM/SOAR tools, ELK stack
• Excellent knowledge of industry-standard frameworks (e.g., MITRE ATT&CK)
• Familiar coding with one or more programming/scripting languages (e.g., Perl, Java, Python, etc.)

Preferred Qualifications

• Bachelors’ Degree or industry equivalent work experience in Cybersecurity with a focus on security analytics and incident response
• Certifications such as GCIA, GCIH, GREM, OSCP
• Work well under pressure and within constraints to solve problems and meet objectives
• Experience with identifying and responding to advanced threats and threat actor TTPs

TikTok is the leading destination for short-form mobile video. At TikTok, our mission is to inspire creativity and bring joy. TikTok's global headquarters are in Los Angeles and Singapore, and we also have offices in New York City, London, Dublin, Paris, Berlin, Dubai, Jakarta, Seoul, and Tokyo.

Inspiring creativity is at the core of TikTok's mission. Our innovative product is built to help people authentically express themselves, discover and connect – and our global, diverse teams make that possible. Together, we create value for our communities, inspire creativity and bring joy - a mission we work towards every day. We strive to do great things with great people. We lead with curiosity, humility, and a desire to make impact in a rapidly growing tech company. Every challenge is an opportunity to learn and innovate as one team. We\'re resilient and embrace challenges as they come. By constantly iterating and fostering an "Always Day 1" mindset, we achieve meaningful breakthroughs for ourselves, our company, and our users. When we create and grow together, the possibilities are limitless. Join us.

TikTok is committed to creating an inclusive space where employees are valued for their skills, experiences, and unique perspectives. Our platform connects people from across the globe and so does our workplace. At TikTok, our mission is to inspire creativity and bring joy. To achieve that goal, we are committed to celebrating our diverse voices and to creating an environment that reflects the many communities we reach. We are passionate about this and hope you are too.

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.