Security Operation Engineer

About the Company Founded in 2012, ByteDance's mission is to inspire creativity and enrich life. With a suite of more than a dozen products, including TikTok, Helo, and Resso, as well as platforms specific to the China market, including Toutiao, Douyin, and Xigua, ByteDance has made it easier and more fun for people to connect with, consume, and create content. Why Join Us Creation is the core of ByteDance's purpose. Our products are built to help imaginations thrive. This is doubly true of the teams that make our innovations possible. Together, we inspire creativity and enrich life - a mission we aim towards achieving every day. To us, every challenge, no matter how ambiguous, is an opportunity; to learn, to innovate, and to grow as one team. Status quo? Never. Courage? Always. At ByteDance, we create together and grow together. That's how we drive impact - for ourselves, our company, and the users we serve. Join us. About the Team The team is missioned to build infrastructures, platforms and technologies, as well as to support cross-functional teams to protect our users, products and infrastructures. In this team, you'll have a unique opportunity to have first-hand exposure to the strategy of the company in key security initiatives, especially in building scalable and secure-by-design systems and solutions. Our challenges are not your regular day-to-day technical problems; you'll be part of a team that's developing new solutions to new challenges of a kind not previously addressed by big tech. It's working fast, at scale, and we're making a difference. Job Responsibilities 1. Process security alerts and events, and conduct technical analysis and assessments of security-related incidents; 2. Maintain data sources feeding the log monitoring system, develop and maintain detection and alerting rules; 3. Respond to user incident reports and evaluates the type and severity of security events; 4. Execute initial triage of incidents to rule out false positives; 5. Identify recurring security issues and risks and develops mitigation plans and recommends process improvements; 6. Develop, optimize, and update security detection rules to proactively identify potential risks; 7. Establish escalation processes for security incidents and develops contingency plans and disaster recovery procedures; 8. Develop SOAR playbooks, automate routine processes, create or enhance detection and response capabilities.

Minimum Qualifications 1. Bachelor's degree in Cybersecurity, Computer Science, or a technical field (or equivalent work experience in related field 2. At least 1-3 years of experience handling cybersecurity related incidents 3. Technical proficiency in at least one of the following domains: Malware Analysis, Digital Forensics, Log Analysis, Red Teaming/Penetration Testing or related domains 4. Familiar with network protocols, traffic analysis, and network security tools (e.g. WAF, HIDS, NTA/IPS/IDS, EDR, UEBA/ITDR) 5. Familiar with log analysis and correlation from multiple data sources to identify and investigate attack patterns. 6. Familiar with the creation and tuning of alerting rules from a SIEM(e.g. ELK) and other devices in response to changing threats. 7. Experience with scripting languages (e.g. Python, Shell、Java、Go and PowerShell) for automation and analysis 8. Excellent communication skills (verbal and written), teamwork and collaboration skills Preferred Qualifications 1. Professional certifications in Cybersecurity (OSCP, GCIH, GREM, GNFA or other relevant certifications) 2. Experience in working and investigating incidents in Cloud environments (e.g. AWS, GCP) 3. Familiarity with container technologies such as Docker and Kubernetes ByteDance is committed to creating an inclusive space where employees are valued for their skills, experiences, and unique perspectives. Our platform connects people from across the globe and so does our workplace. At ByteDance, our mission is to inspire creativity and enrich life. To achieve that goal, we are committed to celebrating our diverse voices and to creating an environment that reflects the many communities we reach. We are passionate about this and hope you are too.