Responsibilities
Team Introduction:
The mission of TikTok's Global Security Organization is to build and earn trust by reducing risk and securing our businesses and products. Also known as "GSO", this team is the foundation of our efforts to keep TikTok safe, secure, and operating at scale for over 1 billion people around the world. We work to ensure that the TikTok platform is safe and secure, that our users' experience and their data remains safe from external or internal threats, and that we comply with global regulations wherever TikTok operates.
Trust is one of TikTok's biggest initiatives, and security is integral to our success. In whatever ways users interact with us - whether they're watching videos on their For You page, interacting with a Live video, or buying products on TikTok Shop - GSO protects their data and privacy, so they can have a secure and trustworthy experience.
Want more jobs like this?
Get jobs in Singapore delivered to your inbox every week.
Overview of this role:
As part of the Threat Detection and Response function, the Detection Engineering team focuses on improving our detection capabilities to identify malicious threats. This can involve data engineering to enrich and scale the pipelines, or analysing adversarial tradecraft and developing signals or creating tools to improve our Detection and Response capabilities.
Responsibilities:
- Research emerging cyber threats, vulnerabilities, and exploits relevant to our infrastructure and products.
- Develop new methods and technologies to detect threats , identify attack surfaces, and design data-driven approaches that use these signals to identify security threats.
- Lead cross-functional projects to implement and design security controls or tools, that enable us to better protect & detect attack vectors.
- Conduct in-depth analysis of security incidents, supporting incident response teams during investigations.
- Perform gap assessment to identify and improve tooling capabilities and detection strategy.
- Develop and optimize automations to scale detection and response capabilities.
- Utilize threat modeling and log analysis to build behavioral based detections.
- Work with stakeholders to discover new detection capabilities and logging sources.
- Apply cutting-edge AI technologies/Machine Learning (ML) to develop innovative AI solutions for security
Qualifications
Minimum Qualifications:
- Bachelors' Degree or industry equivalent work experience in CyberSecurity with a focus on security analytics and incident response
- 5+ years of applicable experience
- Proficient in using Python and related tools (numpy, pandas, sklearn, e.g.) to analyse logs, identify anomalies, and propose detection strategies.
- Familiar with common security offense/defense techniques, with hands-on experience in developing and implementing detection rules at scale.git
- Possess a strong understanding of security fundamentals across networks, hosts, applications, and containers, with the ability to comprehensively address various security threats.
Preferred Qualifications:
- Proficient in at least one of the following security products: WAF, HIDS, NTA, EDR or DLP, with practical experience in strategy development and knowledge of industry best practices/ frameworks (MITRE ATT&CK, NIST CSF, etc).
- Familiar with Detection-as-Code pipelines, integrating with in-house security tools to scale custom detections.
- Strong communication skills, ability to collaborate effectively with team members, self-motivated, and team-oriented.
- Preferred certifications - GCIA, GCIH, GREM, OSCP, OSCE³