Cyber Security Operations Center (CSOC) Principle - USDS

ResponsibilitiesAbout the TeamThe TikTok Cyber Fusion Center is a global brand with locations opening in Washington D.C., Australia, and the UK. A Cyber Fusion Center comprises specialized, highly proficient security professionals who enable rapid and informed response to protect the company from cyber threat scenarios.The Fusion Center Principal will lead the TikTok US Cyber Fusion Center in Washington, DC. You will build and lead a team of people, processes and technologies with the overarching goal of detecting and responding to threats that could impact TikTok's US operations.The TikTok US Fusion Center will in-take, investigate and perform incident response against threats with the potential to impact TikTok US. For cyber-related threats, the Cyber Fusion Center team will detect, investigate, and respond to threats or malicious activities within the enterprise. Your team will regularly survey the TikTok networks for signs of a breach, malware or unauthorized access. You will identify and disrupt major threats that target TikTok users or utilize TikTok's infrastructure.Additionally, your team will develop and maintain standard operating procedures and response plans. Join our team to lead and execute purple team exercises in collaboration with the USDS red team, enhancing incident response processes and refining operational procedures.Your team will be responsible for collecting and analyzing data to support threat investigations.The preferred candidate will be responsible for leading these efforts in collaboration with peer Fusion Center Principals globally. The candidate must have expert skills in conducting technical analysis of security events, malware analysis, incident investigation and escalation, digital forensics and other general incident response related issues. The candidate must also have the ability to communicate effectively, motivate and lead cross functional and individual contributor teams independently, participate in coordinating response and defensive actions over a variety of security disciplines, and disseminate technical information as appropriate in support of TikTok's critical business and operational infrastructure needs. The candidate will develop, select, and motivate highly effective employees to protect the TikTok business.In order to enhance collaboration and cross-functional partnerships, among other things, at this time, our organization follows a hybrid work schedule that requires employees to work in the office 3 days a week, or as directed by their manager/department. We regularly review our hybrid work model, and the specific requirements may change at any time.Tasks and Responsibilities:- Develop and document standard operating procedures including identification, remediation, containment, and eradication procedures- Identify major threats that target TikTok users or utilize company infrastructure- Develop a staffing structure and roles and responsibilities for a 24x7x365 monitoring and response capability- Provide input to cross functional teams to ensure that log sources meet analyst needs and that sensors and collection devices are placed strategically throughout the environment- Work with Crisis and Incident Management to enable procedures and execute them when necessary- Work with Human Resources and Recruiting to build a staffing and development plan to attract, develop, and retain world class talent at all levels- Synthesize technical details of critical incidents to executive management and provide immediate containment and eradication recommendationsQualificationsMinimum Qualifications- Bachelors’ Degree or industry equivalent work experience in security architecture and engineering in a converged security program- CISSP, GCIA, GCIH, GREM or applicable experience in the Information Security field- 5+ years experience & expert in computer security incident handling and responding to Advanced Persistent Threats- Strong leadership skills and the ability to foster a collaborative, high performing team with Excellent analytical, problem-solving, communication (verbal and written) skills with the ability to influence without authority.- Demonstrated teamwork and collaboration skills - in particular in leading or contributing to multi-functional teams while being able to balance risks in ambiguous and complex situations.Preferred Qualifications- Demonstrated experience in leading a security focused capability and providing world class services at enterprise scale with Expertise in performing or overseeing malware analysis, performing or overseeing digital forensics for incident response- Strong Operating System Administration skills including conceptual knowledge of OS internals and experience with core service types- Strong experience with *NIX and Windows environments- Experience in maintaining a working knowledge of global attack groups and their tools, techniques, and procedures- Strong analytical/problem solving skills and cross functional knowledge across multiple IT operational and security disciplines while possessing a high degree of integrity, be trustworthy, and have the ability to lead and inspire change.About USDSTikTok is the leading destination for short-form mobile video. Our mission is to inspire creativity and bring joy. U.S. Data Security (“USDS”) is a subsidiary of TikTok in the U.S. This new, security-first division was created to bring heightened focus and governance to our data protection policies and content assurance protocols to keep U.S. users safe. Our focus is on providing oversight and protection of the TikTok platform and U.S. user data, so millions of Americans can continue turning to TikTok to learn something new, earn a living, express themselves creatively, or be entertained. The teams within USDS that deliver on this commitment daily span across Trust & Safety, Security & Privacy, Engineering, User & Product Ops, Corporate Functions and more.Data Security StatementThis role requires the ability to work with and support systems designed to protect sensitive data and information. As such, this role will be subject to strict national security-related screening.Why Join UsInspiring creativity is at the core of TikTok's mission. Our innovative product is built to help people authentically express themselves, discover and connect – and our global, diverse teams make that possible. Together, we create value for our communities, inspire creativity and bring joy - a mission we work towards every day.We strive to do great things with great people. We lead with curiosity, humility, and a desire to make impact in a rapidly growing tech company. Every challenge is an opportunity to learn and innovate as one team. We're resilient and embrace challenges as they come. By constantly iterating and fostering an "Always Day 1" mindset, we achieve meaningful breakthroughs for ourselves, our company, and our users. When we create and grow together, the possibilities are limitless. Join us.Diversity & InclusionTikTok is committed to creating an inclusive space where employees are valued for their skills, experiences, and unique perspectives. Our platform connects people from across the globe and so does our workplace. At TikTok, our mission is to inspire creativity and bring joy. To achieve that goal, we are committed to celebrating our diverse voices and to creating an environment that reflects the many communities we reach. We are passionate about this and hope you are too.USDS Reasonable AccommodationTikTok is committed to providing reasonable accommodations in our recruitment processes for candidates with disabilities, pregnancy, sincerely held religious beliefs or other reasons protected by applicable laws. If you need assistance or a reasonable accommodation, please reach out to us at https://tinyurl.com/USDS-RAJob Information【For Pay Transparency】 Compensation Description (Annually) - Washington, DCThe base salary range for this position in the selected city is 179820 - 310960 annually.Compensation may vary outside of this range depending on a number of factors, including a candidate’s qualifications, skills, competencies and experience, and location. Base pay is one part of the Total Package that is provided to compensate and recognize employees for their work, and this role may be eligible for additional discretionary bonuses/incentives, and restricted stock units.Benefits may vary depending on the nature of employment and the country work location. Employees have day one access to medical, dental, and vision insurance, a 401(k) savings plan with company match, paid parental leave, short-term and long-term disability coverage, life insurance, wellbeing benefits, among others. Employees also receive 10 paid holidays per year, 10 paid sick days per year and 17 days of Paid Personal Time (prorated upon hire with increasing accruals by tenure).The Company reserves the right to modify or change these benefits programs at any time, with or without notice.