TikTok's Global Security Organization (GSO) aims to reduce risk and secure its businesses and products, ensuring the platform is safe and secure for over 1 billion users worldwide. The Detection Engineering team specifically focuses on enhancing threat detection capabilities to identify malicious threats, protect user data and privacy, and comply with global regulations.
Requirements
- Possess a strong understanding of security fundamentals across networks, hosts, applications, and containers, with the ability to comprehensively address various security threats.
- Proficient in at least one of the following security products: WAF, HIDS, NTA, EDR or DLP, with practical experience in strategy development and knowledge of industry best practices/frameworks (MITRE ATT&CK, NIST CSF, etc.).
- Proficient in using one or more coding languages to analyse logs, identify anomalies, and propose detection strategies.
- Familiar with Detection-as-Code pipelines, integrating with in-house security tools to scale custom detections.
- Proficient in using Python and related tools (e.g. numpy, pandas, sklearn) to analyse logs, identify anomalies, and propose detection strategies.
- Familiar with common security offense/defense techniques, with hands-on experience in developing and implementing detection rules at scale.
- Ability to apply cutting-edge AI/Machine Learning (ML) technologies to develop innovative AI solutions for security.
Responsibilities
- Develop new methods and technologies to detect threats, identify attack surfaces, and design data-driven approaches that use these signals to identify security threats.
- Lead cross-functional projects to design and implement security controls or tools that enable us to better protect against and detect attack vectors.
- Conduct in-depth analysis of security incidents, supporting incident response teams during investigations.
- Perform gap assessment to identify and improve tooling capabilities and detection strategy.
- Develop and optimize automations to scale detection and response capabilities.
- Utilize threat modeling and log analysis to build behavior-based detections.
- Work with stakeholders to discover new detection capabilities and logging sources.
Other
- Research emerging cyber threats, vulnerabilities, and exploits relevant to our infrastructure and products.
- Strong communication skills, ability to collaborate effectively with team members, self-motivated, and team-oriented.
- Preferred certifications - GCIA, GCIH, GREM, OSCP, OSCE³
- Bachelor's degree or industry-equivalent work experience in cybersecurity with a focus on security analytics and incident response
- 5+ years of applicable experience in Detection Engineering, Incident Response or Offensive Security