TikTok is the leading destination for short-form mobile video. Our mission is to inspire creativity and bring joy. TikTok has global offices including Los Angeles, New York, London, Paris, Berlin, Dubai, Singapore, Jakarta, Seoul and Tokyo.
Why Join Us
At TikTok, our people are humble, intelligent, compassionate and creative. We create to inspire - for you, for us, and for more than 1 billion users on our platform. We lead with curiosity and aim for the highest, never shying away from taking calculated risks and embracing ambiguity as it comes. Here, the opportunities are limitless for those who dare to pursue bold ideas that exist just beyond the boundary of possibility. Join us and make impact happen with a career at TikTok.
The Global Security Organization provides industry-leading cyber-security and business protection services to TikTok globally. Our organization employs four principles that guide our strategic and tactical operations. Firstly, we Champion Transparency & Trust by leading the charge in organizational transparency, prioritizing customer trust, and placing user needs first. Secondly, we aim to maintain Best in Class Global Security by proactively identifying and reducing risks while enabling innovative product development. We constantly work towards a sustainable world-class security capability. Thirdly, we strive to be a Business Catalyst & Enabler by embodying the DNA of technical innovation and ensuring our Global Security operations are fast and agile. Finally, we Drive Empowered & Risk-Informed Decision Making by providing our leaders with the necessary information to make agile decisions based on risk. In order to enhance collaboration and cross-functional partnerships, our organization follows a hybrid work schedule that requires employees to work in the office for 2 to 3 days a week, as directed by their manager. We regularly review our hybrid work model, and the specific requirements may change at any time.
As a direct report to the Head of Threat and Incident Management, you will lead TikTok's Global Cyber Fusion Center Operations. The preferred candidate will be responsible for leading these efforts in collaboration with the Head of Threat and Incident Management for TikTok worldwide. The candidate must have expert skills in conducting technical analysis of security events, as well as malware analysis, incident triage and escalation, digital forensics and other general incident response related issues. The candidate must also have the ability to communicate well, motivate and lead cross functional and individual contributor teams independently, participate in coordinating response and defensive actions over a variety of security disciplines, and disseminate technical information as appropriate in support of TikTok's critical business, go to market, and operational infrastructure needs. The candidate will develop, select, and motivate highly effective leaders and employees to execute the TikTok business model.
Tasks and Responsibilities
- Work closely with partners in security engineering, IT, and individual business units to deliver exceptional SOC services. Develop hybrid SOC teams that work closely with engineering teams to understand and tune alerts and rapidly and independently implement effective detections for sophisticated adversial attacks methods using a unique, in-house toolstack
- Develop relevant policies, procedures, and guidelines for the Threat Detection and Response program; ensure compliance with, and support audits for, various standards, including but not limited to ISO270001 and PCI
- Develop incident response plans and procedures, including identification, remediation, containment, and eradication procedures
- Perform threat hunting proactively to identify threats and assess the state of security controls; work with in-house red teams in order to detect offensive operations, and capture and action findings
- Work closely with engineering teams to continuously provide technology requirements and use cases for enabling technologies including but not limited to SIEM, SOAR, Case Management, GRC, EDR, Intrusion Detection Systems, HIPS, Web Proxy/Content Filtering, Active Directory, PKI
- Work with partners to mature crisis procedures and security and privacy incident management
- Synthesize technical details of critical incidents to executive management and provide immediate containment and eradication recommendations
- Bachelors’ Degree or industry equivalent work experience in international security architecture and engineering in a cyber security operations program
- CISSP, GCIA, GCIH, GREM or applicable experience in the Information Security field
- At least 12 years directly related experience
- One or more programming/scripting languages (e.g., C++, Perl, Java, Python, etc.)
- Demonstrated experience in leading a security focused capability and providing world class services at enterprise scale
- Expertise in performing or overseeing malware analysis and overseeing digital forensics for incident response
- Strong Operating System Administration skills including conceptual knowledge of OS internals and experience with core service types
- Strong experience with *NIX and Windows networking environments
- Experience in maintaining a working knowledge of global attack groups and their tools, techniques, and procedures
- Works well under pressure and within time/budget constraints to solve problems or meet objectives.
- Excellent fundamental knowledge of industry standard frameworks such as MITRE ATT&CK
TikTok is committed to creating an inclusive space where employees are valued for their skills, experiences, and unique perspectives. Our platform connects people from across the globe and so does our workplace. At TikTok, our mission is to inspire creativity and bring joy. To achieve that goal, we are committed to celebrating our diverse voices and to creating an environment that reflects the many communities we reach. We are passionate about this and hope you are too.