Responsibilities
About the Team
The TikTok Cyber Fusion Center is a global brand with locations opening in Washington D.C., Australia, and the UK. A Cyber Fusion Center comprises specialized, highly proficient security professionals who enable rapid and informed response to protect the company from cyber threat scenarios.
The Fusion Center Principal will lead the TikTok US Cyber Fusion Center in Washington, DC. You will build and lead a team of people, processes and technologies with the overarching goal of detecting and responding to threats that could impact TikTok's US operations.
The TikTok US Fusion Center will in-take, investigate and perform incident response against threats with the potential to impact TikTok US. For cyber-related threats, the Cyber Fusion Center team will detect, investigate, and respond to threats or malicious activities within the enterprise. Your team will regularly survey the TikTok networks for signs of a breach, malware or unauthorized access. You will identify and disrupt major threats that target TikTok users or utilize TikTok's infrastructure.
Want more jobs like this?
Get jobs in Washington, DC delivered to your inbox every week.
Additionally, your team will develop and maintain standard operating procedures and response plans. Join our team to lead and execute purple team exercises in collaboration with the USDS red team, enhancing incident response processes and refining operational procedures.
Your team will be responsible for collecting and analyzing data to support threat investigations.
The preferred candidate will be responsible for leading these efforts in collaboration with peer Fusion Center Principals globally. The candidate must have expert skills in conducting technical analysis of security events, malware analysis, incident investigation and escalation, digital forensics and other general incident response related issues. The candidate must also have the ability to communicate effectively, motivate and lead cross functional and individual contributor teams independently, participate in coordinating response and defensive actions over a variety of security disciplines, and disseminate technical information as appropriate in support of TikTok's critical business and operational infrastructure needs. The candidate will develop, select, and motivate highly effective employees to protect the TikTok business.
In order to enhance collaboration and cross-functional partnerships, among other things, at this time, our organization follows a hybrid work schedule that requires employees to work in the office 3 days a week, or as directed by their manager/department. We regularly review our hybrid work model, and the specific requirements may change at any time.
Tasks and Responsibilities:
- Develop and document standard operating procedures including identification, remediation, containment, and eradication procedures
- Identify major threats that target TikTok users or utilize company infrastructure
- Develop a staffing structure and roles and responsibilities for a 24x7x365 monitoring and response capability
- Provide input to cross functional teams to ensure that log sources meet analyst needs and that sensors and collection devices are placed strategically throughout the environment
- Work with Crisis and Incident Management to enable procedures and execute them when necessary
- Work with Human Resources and Recruiting to build a staffing and development plan to attract, develop, and retain world class talent at all levels
- Synthesize technical details of critical incidents to executive management and provide immediate containment and eradication recommendations
Qualifications
Minimum Qualifications
- Bachelors' Degree or industry equivalent work experience in security architecture and engineering in a converged security program
- CISSP, GCIA, GCIH, GREM or applicable experience in the Information Security field
- 5+ years experience & expert in computer security incident handling and responding to Advanced Persistent Threats
- Strong leadership skills and the ability to foster a collaborative, high performing team with Excellent analytical, problem-solving, communication (verbal and written) skills with the ability to influence without authority.
- Demonstrated teamwork and collaboration skills - in particular in leading or contributing to multi-functional teams while being able to balance risks in ambiguous and complex situations.
Preferred Qualifications
- Demonstrated experience in leading a security focused capability and providing world class services at enterprise scale with Expertise in performing or overseeing malware analysis, performing or overseeing digital forensics for incident response
- Strong Operating System Administration skills including conceptual knowledge of OS internals and experience with core service types
- Strong experience with *NIX and Windows environments
- Experience in maintaining a working knowledge of global attack groups and their tools, techniques, and procedures
- Strong analytical/problem solving skills and cross functional knowledge across multiple IT operational and security disciplines while possessing a high degree of integrity, be trustworthy, and have the ability to lead and inspire change.