Senior Security Analyst (Tier 3, Insider Risk) - Global Security Organization

Tiktok Inc.
San Jose, United States of America
12 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior
Compensation
$ 236K

Job location

San Jose, United States of America

Tech stack

Amazon Web Services (AWS)
Data analysis
Audit Trail
Azure
Cloud Computing
Collaborative Software
Computer Security
Digital Forensics
Identity and Access Management
Virtual Private Networks (VPN)
Python
Role-Based Access Control
Cloud Services
Software Engineering
Google Cloud Platform
Okta
GIT
Information Technology
3-tier Architectures

Job description

  • Lead technical insider risk investigations from intake to closure involving sensitive matters such as: Data exfiltration or misuse, Unauthorized platform access or privilege abuse, Dual employment and conflict of interest concerns, Misconduct with potential public or regulatory exposure and Tampering with intellectual property
  • Analyze telemetry data and indicators across regional infrastructure: DLP alerts, endpoint logs, VPN activity, service logs, and our internal collaboration platform.
  • Conduct interviews with employees and stakeholders across the AMS and other regions, exercising sound judgment and cultural sensitivity.
  • Write thorough, region-specific investigation reports, ensuring alignment with global protocols while reflecting local legal and business context.
  • Collaborate with Legal, HR, Engineering, PR, and Policy teams across the Americas to coordinate investigative outcomes and support remediation or disciplinary action.
  • Monitor and assess external threats and public disclosures originating from internal actions that may affect TikTok's brand globally.
  • Identify and address regional detection gaps, contribute to threat modeling, and help shape alerting logic in partnership with detection, analysis, and engineering teams.
  • Maintain complete discretion and proper handling of sensitive employee, operational, and company data in accordance with regional privacy laws.

Requirements

Do you have experience in Tooling?, Do you have a Bachelor's degree?, This role demands strong technical acumen, investigative instincts, and the ability to navigate sensitive matters across multiple jurisdictions. You will work independently but collaboratively, serving as the key technical point of contact for insider risk cases. Candidates must have experience in security analysis or engineering and have operated within a large-scale tech, platform, or media environment., * Strong technical proficiency in: Log data analysis (Audit logs for various services, process logs, etc), Security principles (CIA, defense in depth, principle of least privilege, etc.), IAM/SSO (Okta, AD, etc.), Cloud services (GCP, AWS, Azure, Ali Cloud, etc.), Endpoint detection and response (EDR), Network logs, Email logs, Collaboration platform logs (Slack, Microsoft Teams, etc.)

  • Strong understanding of developer workflows and tools (e.g. Git, python, etc...) and how they are used day to day by engineers.
  • Experience independently leading complex security investigations from detection through remediation
  • Experience performing endpoint, cloud, and identity-based investigations across enterprise environments
  • Experience mentoring analysts and serving as a technical escalation point for investigative teams
  • Ability to communicate technical findings to both technical and non-technical stakeholders
  • Strong experience producing investigation reports suitable for internal counsel, executives, and auditors., * 5+ years of experience in Insider Risk, Insider Threat, Security Engineering, Digital Forensics, Incident Response, or related disciplines
  • Bachelor's degree or above in Cybersecurity, Computer Science, Software Engineering.
  • Demonstrated experience conducting investigative interviews and subject questioning.
  • Experience developing detections, investigative playbooks, workflows, or automation to improve insider risk operations
  • Familiarity with GDPR or equivalent privacy frameworks relevant to internal investigations.
  • Prior involvement in investigations that resulted in external visibility, public scrutiny, or regulatory engagement.
  • Familiarity with insider threat frameworks and risk modeling., Qualified applicants with arrest or conviction records will be considered for employment in accordance with all federal, state, and local laws including the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act. Our company believes that criminal history may have a direct, adverse and negative relationship on the following job duties, potentially resulting in the withdrawal of the conditional offer of employment

Benefits & conditions

(part of ByteDance) 3.33.3 out of 5 stars San Jose, CA $134,400 - $235,600 a year, Pulled from the full job description

  • Paid parental leave
  • Parental leave
  • Health insurance
  • 401(k) matching
  • Vision insurance
  • Dental insurance
  • Paid sick time, Compensation may vary outside of this range depending on a number of factors, including a candidate's qualifications, skills, competencies and experience, and location. Base pay is one part of the Total Package that is provided to compensate and recognize employees for their work, and this role may be eligible for additional discretionary bonuses/incentives, and restricted stock units.

Benefits may vary depending on the nature of employment and the country work location. Employees have day one access to medical, dental, and vision insurance, a 401(k) savings plan with company match, paid parental leave, short-term and long-term disability coverage, life insurance, wellbeing benefits, among others. Employees also receive 10 paid holidays per year, 10 paid sick days per year and 17 days of Paid Personal Time (prorated upon hire with increasing accruals by tenure).

The Company reserves the right to modify or change these benefits programs at any time, with or without notice.

About the company

The mission of TikTok's Global Security Organization is to build and earn trust by reducing risk and securing our businesses and products. Also known as "GSO", this team is the foundation of our efforts to keep TikTok safe, secure, and operating at scale for over 1 billion people around the world. We work to ensure that the TikTok platform is safe and secure, that our users' experience and their data remains safe from external or internal threats, and that we comply with global regulations wherever TikTok operates. Trust is one of TikTok's biggest initiatives, and security is integral to our success. In whatever ways users interact with us - whether they're watching videos on their For You page, interacting with a Live video, or buying products on TikTok Shop - GSO protects their data and privacy, so they can have a secure and trustworthy experience. TikTok's Insider Risk team is seeking a technical security analyst to help lead high-impact internal investigations globally. In this position, you will investigate threats related to, but not limited to, exfiltration, data misuse, policy violations, dual employment, and reputational risk stemming from TikTok personnel or operations., TikTok is the leading destination for short-form mobile video. At TikTok, our mission is to inspire creativity and bring joy. TikTok's global headquarters are in Los Angeles and Singapore, and we also have offices in New York City, London, Dublin, Paris, Berlin, Dubai, Jakarta, Seoul, and Tokyo., Inspiring creativity is at the core of TikTok's mission. Our innovative product is built to help people authentically express themselves, discover and connect - and our global, diverse teams make that possible. Together, we create value for our communities, inspire creativity and bring joy - a mission we work towards every day., TikTok is committed to creating an inclusive space where employees are valued for their skills, experiences, and unique perspectives. Our platform connects people from across the globe and so does our workplace. At TikTok, our mission is to inspire creativity and bring joy. To achieve that goal, we are committed to celebrating our diverse voices and to creating an environment that reflects the many communities we reach. We are passionate about this and hope you are too.

Apply for this position