Vulnerability Management Senior Analyst (Global) - Washington DC, New York, Los Angeles, or Mountain View

TikTok

Washington, DC

Why you should apply for a job with TikTok:

Employee well-being is supported via hybrid work, short-term counseling through our EAP and a premium subscription to Headspace.
We embrace diversity across all dimensions and provide employees with 9 employee resource groups globally, including our WOMEN ERG.
Comprehensive parental leave policy as well as fertility treatment through healthcare providers with a $20,000 lifetime maximum.

Get jobs straight to your inbox

Anonymous company reviews, virtual recruiting events, and a supportive community for women when you sign up.

#JMSUV

Position summary

TikTok is the leading destination for short-form mobile video. Our mission is to inspire creativity and bring joy. TikTok has global offices, including Los Angeles, New York, London, Paris, Berlin, Dubai, Mumbai, Singapore, Jakarta, Seoul, and Tokyo. The Global Security Organization provides industry leading security and privacy services to TikTok globally. Our organization uses four principles that guide our strategic and tactical operations. First, we champion trust and transparency, leading the charge in organizational transparency and execution of security and privacy capabilities that drive customer trust. Second, we are a business catalyst and enabler, embodying the DNA of technical innovation. Third, We drive risk informed and empowered decision making, giving our business leaders the information needed to make key decisions. Finally, we proactively identify and reduce risk while enabling innovative product development – to consistently build sustainable world-class security capabilities. The Vulnerability Management Senior Analyst is tasked with the day to day activities of the Vulnerability Management Team. They schedule, conduct, and regularly review vulnerability scans, analyzing for key risks and escalating where needed. They should be aware of current policies and procedures and ensure they are being followed properly. The senior analyst should have hands on experience with vulnerability management tools and be able to mentor and advise other team members. Tasks and Responsibilities: - Continuously log and track remediation activities of discovered vulnerabilities throughout the environment - Evaluate vulnerabilities based on prioritization criteria - Investigate persistent vulnerabilities - Coordinate and communicate with cross-functional teams throughout the VM lifecycle - Generate and distribute operational-level reports - Facilitate exception handling and escalation - Support regulatory compliance monitoring and reporting - Review and optimize scan templates to ensure complete coverage of environment - Support treatment and remediation activities with identified points of contact and system owners - Provide risk analysis for identified vulnerabilities and system change requests - Maintain regular communication with Vulnerability Management Lead and organizational management for collaboration, process optimization, tools tuning, and information sharing - Bachelor’s Degree or industry equivalent work experience in vulnerability management in a security program - Approximately 5-7 years of applicable experience - Hands on operational experience with vulnerability management tools (e.g. Qualys, Nexpose) including the ability to deploy, configure, and run these tools. - Knowledge of vulnerability scoring systems (e.g. CVSSv3) - Ability to conduct root cause analysis against vulnerabilities and determine feasible technical solutions. - Ability to handle large datasets and perform vulnerability analysis - Ability to work alongside other security functions to determine vulnerability scoring and impact - Ability to examine issues both strategically and analytically. - Ability to work collaboratively in a team environment - Excellent communication skills (verbal and written) - Strong analytical and problem-solving skills - Detail oriented, organized, follow up skills with an analytical thought process - Project management experience Preferred Qualifications: - CISSP, CISM, or equivalent certification - Familiarity with vulnerability management across SaaS and IaaS cloud platforms (e.g., AWS, Google Cloud, etc.) - Working knowledge/experience with Python, SQL and REST APIs - Ability to handle ambiguity and collaborate with a global team - Ability to coach junior staff and contractors TikTok is committed to creating an inclusive space where employees are valued for their skills, experiences, and unique perspectives. Our platform connects people from across the globe and so does our workplace. At TikTok, our mission is to inspire creativity and bring joy. To achieve that goal, we are committed to celebrating our diverse voices and to creating an environment that reflects the many communities we reach. We believe individuals shouldn't be disadvantaged because of their background or identity, but instead should be considered based on their strengths and experience. We are passionate about this and hope you are too. TikTok is committed to providing reasonable accommodations during our recruitment process. If you need assistance or accommodation, please reach out to us at [email protected]

What are TikTok perks and benefits

Lactation facilities

Fertility

Unconscious bias training

Networking

Succession planning

Diversity recruiting

Diversity performance

Short term disability

Paid paternity

Paid maternity

Paid adoptive

About the company

TikTok

Industry: Technology: Consumer Internet

As the leading destination for short-form mobile video, our platform helps people around the world become a part of a global community. In a world that feels more divided than ever, we are here to inspire creativity and bring joy. We do this by embracing change, thriving in ambiguity, and always looking for solutions.

Why you should apply for a job with TikTok:

Employee well-being is supported via hybrid work, short-term counseling through our EAP and a premium subscription to Headspace.
We embrace diversity across all dimensions and provide employees with 9 employee resource groups globally, including our WOMEN ERG.
Comprehensive parental leave policy as well as fertility treatment through healthcare providers with a $20,000 lifetime maximum.