TikTok - Washington, DC

posted 2 months ago

Full-time - Senior
Washington, DC
Computing Infrastructure Providers, Data Processing, Web Hosting, and Related Services

About the position

The Senior Cyber Threat Hunter at TikTok's U.S. Data Security (USDS) division is responsible for detecting and mitigating critical threats to user data and operations. This role involves hands-on incident response and threat hunting activities, ensuring the security of the TikTok platform. The position requires strong leadership, communication skills, and the ability to adapt to various environments while responding to cyber incidents and proactively hunting for threats.

Responsibilities

  • Demonstrate leadership abilities and communicate clearly with stakeholders during crises.
  • Adapt to unique environments and understand malware and emerging threats.
  • Respond to global cyber incidents caused by internal and external threats, which includes being on call.
  • Map technical findings to business impacts and communicate them to non-technical audiences.
  • Scope incidents, gain consensus on objectives, and lead incident response analysts during emergencies.
  • Proactively hunt for adversaries who have evaded traditional detection on networks.
  • Design custom detection, containment, and remediation plans for various attacks.
  • Lead and work on projects supporting tactical and strategic business objectives.
  • Draft communications, assessments, and reports for internal and external audiences, including leadership.
  • Develop and document processes for consistent and scalable response and threat-hunting operations.
  • Build scripts and automated techniques to analyze raw log data.

Requirements

  • Bachelor's degree or industry-equivalent work experience in Computer Science, Information Security, Computer Engineering, or a related discipline.
  • 5+ years of experience in information security, including incident handling or threat hunting.
  • Ability to be on-call and work a hybrid on-site schedule in Washington DC.
  • Industry certifications such as CISSP, CISM, CISA, GCIH, CFCE, GCFA, GREM, and/or GCFE.
  • Ability to clearly explain the Incident Response Lifecycle and the Cyber Kill Chain.
  • Detailed understanding of current cyber security threats, attacks, and adversary Tactics, Techniques, and Procedures (TTPs).
  • Thorough understanding of cyber security operations, security monitoring, endpoint detection and response (EDR), and SIEM tools.

Nice-to-haves

  • 3+ years of experience with evidence collection and maintenance of chain of custody.
  • Experience conducting incident response and threat hunting in Unix/Linux and cloud environments.
  • Experience searching large data sets in Splunk.
  • Excellent verbal and written communication skills and teamwork collaboration.
  • Demonstrated time management, prioritization, negotiation, and interpersonal relations skills.
  • Motivated to contribute and grow in a complex enterprise environment.
  • Ability to prioritize risks to the business in real-time.
  • Experience developing and executing work processes in a fast-paced technical environment.
  • Excellent analytical and problem-solving skills with attention to detail.

Benefits

  • 100% premium coverage for employee medical insurance, approximately 75% for dependents, and a Health Savings Account (HSA) with company match.
  • Dental, Vision, Short/Long term Disability, Basic Life, Voluntary Life, and AD&D insurance plans.
  • 10 paid holidays per year plus 17 days of Paid Personal Time Off (PPTO) and 10 paid sick days per year.
  • 12 weeks of paid Parental leave and 8 weeks of paid Supplemental Disability.
  • Mental and emotional health benefits through EAP and Lyra.
  • 401(k) company match, gym, and cellphone service reimbursements.