TikTok - New York, NY
posted 4 days ago
As an Application Security Penetration Tester at TikTok's U.S. Data Security (USDS), you will play a crucial role in validating security controls around web resources and mobile applications, as well as their backend web services. This position is part of a new, security-first division dedicated to enhancing data protection policies and content assurance protocols to ensure the safety of U.S. users.
You will collaborate with a team of security testing professionals to improve existing service offerings and security testing capabilities, focusing on identifying vulnerabilities, particularly those outlined by the OWASP Top Ten, in both web and mobile applications. In this role, you will be expected to develop and modify custom tooling to address new security needs, build strong relationships with engineering teams to elevate TikTok's security posture, and conduct full exploitation operations in both Windows and Unix environments.
Your responsibilities will also include creating comprehensive reports and presentations tailored for both technical and executive audiences, effectively communicating findings and strategies to various stakeholders, including technical staff, executive leadership, and legal counsel. You will engage in innovative research and foster an environment of knowledge sharing, while performing web application testing, mobile application testing, network penetration testing, and source code reviews.
The ideal candidate will possess a deep understanding of operating systems, networking protocols, firewalls, databases, and middleware applications, along with skills in forensics, scripting, and programming. Continuous improvement of your tradecraft through research is expected as part of the Offensive Security Operations team.
The position follows a hybrid work model, requiring in-office work three days a week, with flexibility based on departmental needs.
This role may also involve occasional travel to perform on-site testing at data centers or office locations, approximately once every 2-3 months.