Network and Web Application Security Operations Specialist
Network and Web Application Security Operations Specialist
TikTok is the leading destination for short-form mobile video. At TikTok, our mission is to inspire creativity and bring joy. TikTok's global headquarters are in Los Angeles and Singapore, and its offices include New York, London, Dublin, Paris, Berlin, Dubai, Jakarta, Seoul, and Tokyo.
Why Join Us
Creation is the core of TikTok's purpose. Our platform is built to help imaginations thrive. This is doubly true of the teams that make TikTok possible.
Together, we inspire creativity and bring joy - a mission we all believe in and aim towards achieving every day.
To us, every challenge, no matter how difficult, is an opportunity; to learn, to innovate, and to grow as one team. Status quo? Never. Courage? Always.
At TikTok, we create together and grow together. That's how we drive impact - for ourselves, our company, and the communities we serve.
Join us.
Team Introduction
The Global Security Organization provides industry-leading cybersecurity and business protection services to TikTok globally. Our organization employs four principles that guide our strategic and tactical operations. Firstly, we champion Transparency & Trust by leading the charge in organizational transparency, prioritizing customer trust, and placing user needs first. Secondly, we aim to maintain Best in Class Global Security by proactively identifying and reducing risks while enabling innovative product development. We constantly work towards a sustainable world-class security capability. Thirdly, we strive to be a Business Catalyst & Enabler by embodying the DNA of technical innovation and ensuring our Global Security operations are fast and agile. Finally, we Drive Empowered & Risk-Informed Decision Making by providing our leaders with the necessary information to make agile decisions based on risk.
In your capacity as a key contributor Security Operations, you are part of a team that manages the design, engineering, and deployment of tools and technologies to monitor our global infrastructure footprint to validate data inventory, access and protection, and security of our vast infrastructure of data center, SaaS, and IaaS. This will include servicability and continuing improvement of technology platforms, technologies, and services as well as oversight to your team as they manage operational configuration updates to security tools and validate effectiveness. Further, you and your team will create a strategy for controlling the environment to enable and protect TikTok's infrastructure, technologies, and services. This will entail understanding requirements, designing controls, and ultimately managing the on-going operation of those controls.
The candidate must be skilled in conducting technical analysis of network security and business problems, as well as threats, incidents, investigations, workforce protection, and other general security-related issues. The candidate must also have the ability to communicate well, participate in coordinating response and defensive actions over a variety of security disciplines, and disseminate security information as appropriate in support of TikTok's critical business, go to market, and operational infrastructure needs. The candidate will develop, select, and motivate highly effective employees to execute TikTok's business model.
Tasks and Responsibilities:
- Support the development and execution of enterprise-wide network security programs
- Implementing regulatory systems in accordance with IT security standards.
- Build technical and functional requirements to configure and deploy network security tooling
- Develop standard operating procedures and trainings for each technology
- Architect and continuously improve security technology stack, process and procedures, support model and cross-function interactions
- Review and investigate alerts generated from network security tools (e.g., firewalls, SWG) and escalate as appropriate
- Review and assess utilization of network security tooling
- Promote and drive adoption of network security tooling across the enterprise
- Partner across the Security Operations team to respond to cybersecurity incidents
- Develop and report network security coverage metrics and remediation plans
- Maintain strong vendor relationships for network security tooling for continuous support
- Define procedures to validate the effectiveness of the design, deployment, and management of security controls that aim to maintain confidentiality, integrity, and availability of networks and technology platforms
- Implement and maintain network security infrastructure globally including Firewalls, DDOS mitigation, VPN, IPS/IDS systems, egress filtering, Cryptography, and Application security
- Securing and supporting high availability of global networks with SLA and 24x7 on-call rotation as per duty schedule
Qualifications
Minimum Qualifications:
- Bachelors’ Degree or industry equivalent work experience in cybersecurity, international security architecture, and/or engineering in a converged security program
- 3+ years applicable experience
- Demonstrate ability to quickly assimilate to new knowledge and remain current on new developments in cybersecurity capabilities and industry knowledge
- Demonstrable experience in building distributed security systems and cross-regional highly available services
- Solid knowledge in routing and switching technologies and protocols TCP/IP, BGP, OSPF, EIGRP, VTP, VRF, STP, VLAN, vPC, HSRP, VRRP, MPLS, QoS, GRE, IP SEC, DNS, TACACS, NTP, SDN, SD-WAN etc.
- Experience with compliance assessments such as NIST, PCI, SOX, and ISO
- In-depth experience in the following:
- Operating system (OS) hardening
- Antivirus software
- Metadata management
- Asset management
- Change management
- Microservice architecture
- Data leakage/content monitoring and filtering
- Configuration of network and host-based firewalls
Preferred Qualifications:
- CISSP, SSCP, CAP, CCSP, CISM, CSX-P or applicable experience in the Information Security field
- CCNA/CCNP, PCNSE, AWS Networking, Security and related Cloud Networking/Security certifications are a plus.
- Experience using one or more programming/scripting languages (e.g., Python, Go, Java, etc.)
- Familiarity with source code management tools (e.g., Github, Bitbucket)
- Familiarity with securing data across SaaS and IaaS cloud platforms (e.g., AWS, Google Cloud Platform)
- Familiarity with securing data across multiple database technologies (e.g., MySQL, Redis, Hive)
- Be comfortable communicating with business executives and technical teams
TikTok is committed to creating an inclusive space where employees are valued for their skills, experiences, and unique perspectives. Our platform connects people from across the globe and so does our workplace. At TikTok, our mission is to inspire creativity and bring joy. To achieve that goal, we are committed to celebrating our diverse voices and to creating an environment that reflects the many communities we reach. We are passionate about this and hope you are too.
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
job faster
