Responsibilities
Founded in 2012, ByteDance's mission is to inspire creativity and enrich life. With a suite of more than a dozen products, including TikTok, Helo, and Resso, as well as platforms specific to the China market, including Toutiao, Douyin, and Xigua, ByteDance has made it easier and more fun for people to connect with, consume, and create content.
Why Join Us
Creation is the core of ByteDance's purpose. Our products are built to help imaginations thrive. This is doubly true of the teams that make our innovations possible.
Together, we inspire creativity and enrich life - a mission we aim towards achieving every day.
To us, every challenge, no matter how ambiguous, is an opportunity; to learn, to innovate, and to grow as one team. Status quo? Never. Courage? Always.
At ByteDance, we create together and grow together. That's how we drive impact - for ourselves, our company, and the users we serve.
Join us.
Team Introduction
ByteDance's IT security team is responsible for enterprise IT global cyber security, server security, endpoint security, application security construction, and protection work. They work to improve overall IT security capabilities and security posture, providing security processes, security assessments, security operations, and security vulnerability management services. The team also supports IT teams and business departments in meeting their security requirements.
Responsibilities
- Monitor security alerts and events generated by various security tools and technologies, such as SIEM, IDS/IPS, firewalls, and endpoint detection and response (EDR) systems.
- Analyze security incidents to determine their severity, impact, and root cause, and take appropriate actions to mitigate and remediate them.
- Conduct proactive threat hunting and vulnerability assessments to identify potential security risks
- Perform log, traffic and malware analysis to identify and mitigate potential security breaches.
- Maintain and enhance security monitoring tools and technologies, ensuring their effectiveness in detecting and preventing security threats.
- Develop and maintain standard operating procedures (SOPs) and runbooks for incident detection, analysis, and response processes.
- Collaborate with cross-functional teams to implement security projects, ensure that security measures are integrated, ensure compliance with regulatory requirements and industry standards, coordinate incident response activities and ensure timely resolution of security issues
- Stay up-to-date on the latest cybersecurity threats, vulnerabilities, and attack techniques, and proactively recommend measures to enhance our security posture.
- Participate in security awareness training and exercises to educate employees on best practices for cybersecurity hygiene and incident response.
- Flexible working hours may require scheduled work on weekends and/or holidays
Qualifications
Minimum Qualifications
- 3 years of experience working in a 24x7 security operations center (SOC) as a security analyst
- Excellent analytical and problem-solving skills, with the ability to quickly identify and respond to security incidents, analyze complex security issues and develop effective solutions.
- Experience with malware analysis and techniques, and familiarity with common malware families and attack vectors.
- Functional knowledge of MITRE ATT&CK framework and other cybersecurity methodologies
- Proficiency in using SIEM tools (e.g., Splunk, ELK Stack, ArcSight) for log management, event correlation, and threat detection.
Preferred Qualifications
- Bachelor's degree in Computer Science, Cyber Security, or STEM field
- Proven experience in security operations, incident response, vulnerability management or a related field.
- Demonstrated experience in network security, server security, endpoint security, web security etc.
- In-depth knowledge of cyber security technologies, including firewalls, IDS/IPS, EDR, BYOD, SIEM, endpoint protection.
- Strong communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams across different time zones
- Ability to work in a fast-paced environment and manage multiple tasks simultaneously.
- Relevant certifications (e.g., Security+, CEH, CISSP, GCIA, SSCP) are a plus.
- Programming, threat hunting, and pentesting ability are preferred.
ByteDance is committed to creating an inclusive space where employees are valued for their skills, experiences, and unique perspectives. Our platform connects people from across the globe and so does our workplace. At ByteDance, our mission is to inspire creativity and enrich life. To achieve that goal, we are committed to celebrating our diverse voices and to creating an environment that reflects the many communities we reach. We are passionate about this and hope you are too.
ByteDance Inc. is committed to providing reasonable accommodations in our recruitment processes for candidates with disabilities, pregnancy, sincerely held religious beliefs or other reasons protected by applicable laws. If you need assistance or a reasonable accommodation, please reach out to us at https://shorturl.at/cdpT2
Job Information:
【For Pay Transparency】Compensation Description (annually)
The base salary range for this position in the selected city is $118800 - $269800 annually.
Compensation may vary outside of this range depending on a number of factors, including a candidate’s qualifications, skills, competencies and experience, and location. Base pay is one part of the Total Package that is provided to compensate and recognize employees for their work, and this role may be eligible for additional discretionary bonuses/incentives, and restricted stock units.
Our Company Benefits Are Designed To Convey Company Culture And Values, To Create An Efficient And Inspiring Work Environment, And To Support Our Employees To Give Their Best In Both Work And Life. We Offer The Following Benefits To Eligible Employees:
We cover 100% premium coverage for employee medical insurance, approximately 75% premium coverage for dependents and offer a Health Savings Account(HSA) with a company match. As well as Dental, Vision, Short/Long term Disability, Basic Life, Voluntary Life and AD&D insurance plans. In addition to Flexible Spending Account(FSA) Options like Health Care, Limited Purpose and Dependent Care.
Our time off and leave plans are: 10 paid holidays per year plus 17 days of Paid Personal Time Off (PPTO) (prorated upon hire and increased by tenure) and 10 paid sick days per year as well as 12 weeks of paid Parental leave and 8 weeks of paid Supplemental Disability.
We also provide generous benefits like mental and emotional health benefits through our EAP and Lyra. A 401K company match, gym and cellphone service reimbursements. The Company reserves the right to modify or change these benefits programs at any time, with or without notice.
For Los Angeles County (unincorporated) Candidates:
Qualified applicants with arrest or conviction records will be considered for employment in accordance with all federal, state, and local laws including the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act. Our company believes that criminal history may have a direct, adverse and negative relationship on the following job duties, potentially resulting in the withdrawal of the conditional offer of employment:
- Interacting and occasionally having unsupervised contact with internal/external clients and/or colleagues;
- Appropriately handling and managing confidential information including proprietary and trade secret information and access to information technology systems; and
- Exercising sound judgment.