Responsibilities
The mission of TikTok's Global Security Organization is to build and earn trust by reducing risk and securing our businesses and products. Also known as "GSO", this team is the foundation of our efforts to keep TikTok safe, secure, and operating at scale for over 1 billion people around the world. We work to ensure that the TikTok platform is safe and secure, that our users' experience and their data remains safe from external or internal threats, and that we comply with global regulations wherever TikTok operates.
Trust is one of TikTok's biggest initiatives, and security is integral to our success. In whatever ways users interact with us - whether they're watching videos on their For You page, interacting with a Live video, or buying products on TikTok Shop - GSO protects their data and privacy, so they can have a secure and trustworthy experience.
Want more jobs like this?
Get Software Engineering jobs in San Jose, CA delivered to your inbox every week.
As a Senior Security Researcher, you will be a member of TikTok's Enterprise Threat Detection and Response team. The Threat Detection and Response team is responsible for 24x7 monitoring of multiple security-related information sources to manage incidents related to cyber, privacy, and data protection for TikTok data, infrastructure, and products. The Threat Detection and Response team will regularly survey TikTok's networks for signs of a breach, malware, or unauthorized access. Additionally, the Threat Detection and Response team is responsible for developing and maintaining incident response plans, playbooks and procedures. Finally, the Threat Detection and Response team will be responsible for data collection and analysis of Incident Response data.
Responsibilities:
• Ability to serve as an incident commander during a cybersecurity incident and run bridges between cross-functional stakeholders, effectively managing and overseeing the entire incident response lifecycle from detection to resolution.
• Perform technical analysis and assessments of cybersecurity-related incidents, including malware analysis, packet-level analysis, and system-level forensic analysis.
• Lead cross-functional projects to improve our capabilities to effectively detect and respond to security incidents
• Mentor and guide TDR security engineers to grow their incident response skills
• Develop incident response plans and procedures, including identification, remediation, containment, and eradication procedures
• Synthesize technical details of critical incidents to executive management and provide immediate containment and eradication recommendations
• Support the onboarding of new products, data, processes, or tools by identifying requirements by integrating them into operations (processes, playbooks, and training)
• Work with the Detection Engineering team to create custom rulesets to detect and hunt for advanced threat actor tactics, techniques, and procedures (TTPs).
• This position is part of a 24x7x365 operation and may require shift and/or on-call work
Qualifications
Minimum Qualifications
• Strong experience with various OS systems: Linux, MacOs and Windows
• Experience with SIEM/SOAR tools, ELK stack
• Experience with identifying and responding to advanced threats and threat actor TTPs
• Work well under pressure and within constraints to solve problems and meet objectives
• Excellent fundamental knowledge of industry-standard frameworks (e.g., MITRE ATT&CK)
• Ability to work well in an ambiguous environment
• One or more programming/scripting languages (e.g., Perl, Java, Python, etc.) Preferred certifications - GCIA, GCIH, GREM, OSCP
Preferred Qualifications
• Bachelors' Degree or industry equivalent work experience in Cybersecurity with a focus on security analytics and incident response
• 5 years of directly related experience in computer security incident handling
Job Information
[For Pay Transparency] Compensation Description (annually)
The base salary range for this position in the selected city is $147200 - $269800 annually.
Compensation may vary outside of this range depending on a number of factors, including a candidate's qualifications, skills, competencies and experience, and location. Base pay is one part of the Total Package that is provided to compensate and recognize employees for their work, and this role may be eligible for additional discretionary bonuses/incentives, and restricted stock units.
Benefits may vary depending on the nature of employment and the country work location. Employees have day one access to medical, dental, and vision insurance, a 401(k) savings plan with company match, paid parental leave, short-term and long-term disability coverage, life insurance, wellbeing benefits, among others. Employees also receive 10 paid holidays per year, 10 paid sick days per year and 17 days of Paid Personal Time (prorated upon hire with increasing accruals by tenure).
The Company reserves the right to modify or change these benefits programs at any time, with or without notice.
For Los Angeles County (unincorporated) Candidates:
Qualified applicants with arrest or conviction records will be considered for employment in accordance with all federal, state, and local laws including the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act. Our company believes that criminal history may have a direct, adverse and negative relationship on the following job duties, potentially resulting in the withdrawal of the conditional offer of employment:
1. Interacting and occasionally having unsupervised contact with internal/external clients and/or colleagues;
2. Appropriately handling and managing confidential information including proprietary and trade secret information and access to information technology systems; and
3. Exercising sound judgment.