Job description
Responsibilities
TikTok is the leading destination for short-form mobile video. Our mission is to inspire creativity and bring joy. TikTok has global offices, including Los Angeles, New York, London, Paris, Berlin, Dubai, Mumbai, Singapore, Jakarta, Seoul, and Tokyo.
Why Join Us
At TikTok, our people are humble, intelligent, compassionate and creative. We create to inspire - for you, for us, and for more than 1 billion users on our platform. We lead with curiosity and aim for the highest, never shying away from taking calculated risks and embracing ambiguity as it comes. Here, the opportunities are limitless for those who dare to pursue bold ideas that exist just beyond the boundary of possibility. Join us and make impact happen with a career at TikTok.
Our Global Security function provides services to TikTok's US market using four principles that guide our strategic and tactical operations. First, we champion trust and transparency, leading the charge in organizational transparency and execution of security and privacy capabilities that drive customer trust. Second, we are a business catalyst and enabler, embodying the DNA of technical innovation. Third, we drive risk-informed and empowered decision-making, giving our business leaders the information needed to make key decisions. Finally, we proactively identify and reduce risk while enabling innovative product development – to consistently build sustainable world-class and trusted security capabilities.
As a member of TikTok’s Cyber Security Operations Center (CSOC) team, you will join a strong team of people with the overarching goal of detecting and responding to threats facing TikTok's products, services and customers around the world. You'll be based in our Cyber Fusion Center.
The CSOC team within TikTok’s Chief Security and Privacy Organization (CSPO) is responsible for 24x7 monitoring of multiple security-related information sources to manage incidents related to cyber, privacy, and data protection for TikTok data, infrastructure, and products. The CSOC team will regularly survey the TikTok networks for signs of a breach, malware, or unauthorized access. Additionally, the CIRC team is responsible for developing and maintaining incident response plans, playbooks and procedures. Finally, the CSOC team will be responsible for data collection and analysis of Incident Response data. All CSOC analyst roles are currently required to work a hybrid 2 days a week in the office and work from home the remainder of the week.
The CSOC team will take disparate data sets when combined with threat information and other enrichment to conduct analysis and identify incidents and drive appropriate responses to contain and minimize impact and restore normal operations. The analysis is used to ensure a consistent and coordinated response to ongoing threats ensuring TikTok can continue to operate safely and securely.
The preferred candidate will have experience in conducting technical analysis of security events, ideally in malware analysis, incident triage and escalation, digital forensics, and other general incident response-related issues. The candidate must also communicate effectively with peers and cross-functional teams. You will participate in coordinating response and defensive actions over a variety of security disciplines and disseminate technical information as appropriate in support of TikTok’s critical business, go-to-market, and operational infrastructure needs.
Qualifications
Education: Bachelor’s degree in Cybersecurity or equivalent information security, privacy, risk, compliance, project management or like discipline from an accredited college or university or measurable knowledge / experience from proven industry, military, defense, or government operations.
Minimum Qualifications:
- At least 1-3 years of experience handling security-related incidents.
- Experience in computer security incident handling
- Excellent analytical and problem-solving skills.
- Excellent communication skills (verbal and written).
- Demonstrated teamwork and collaboration skills.
- Ability to communicate technical concepts to a broad range of technical and non-technical staff.
- Strong Operating System Administration skills including conceptual knowledge of OS internals and experience with core service types
- Exposure to Cloud Computing
- CompTIA Security+
- CompTIA Linux+
- CompTIA Network+
- Excellent communication skills (verbal and written) along with teamwork collaboration per global and multi-functional teams and intelligence source groups
- Experience creating and disseminating reports to multi-level audiences in a technical environment
- Expert knowledge of cyber intelligence data sources and platforms
- Expert knowledge of control of processes for configurations of systems
- Demonstrates excellent time management and prioritization
- Highly motivated to contribute and grow within a complex area of emerging importance in an enterprise environment
- Industry relevant certification(s) (CISSP, GSEC, CISA, Security+, Network+, etc.)