Responsibilities
The GMPT Security BP Team provides application security, cloud security, data security, account security, large model security, and business security services to the ByteDance Global Monetization (Global Advertising) Team, including threat intelligence analysis, penetration testing, red-teaming, tool R&D, and risk governance. Responsibilities - Provide security engineering support to product teams to help identify potential security flaws in the early stages of SDLC. - Continuously design and conduct penetration testing to determine if infrastructure components, systems and applications meet security standards in the staging/production environment. - Discover security issues that appear under new threat scenarios, support incident response, forensics, remediation in a cross-functional environment driving towards incident resolution. - Collaborate closely with other parts of the security team and product teams to design defense-in-depth controls that limit attackers ability and improve our security postures. - To identify risks and actively take ownership to resolve any potential security project issues. - Continuously conduct security research and strive to innovate.
Qualifications
Minimum Qualifications - Background in Computer Science, Computer Engineering, Information Systems or other STEM disciplines. - Strong knowledge in some of these various disciplines: web application security, mobile app security, cloud security and thick client security. - Solid experience in writing and reviewing code in at least one of the following programming languages: JavaScript (Node JS), Go, Python, Java, C++, Rust. - Good project management skills and focused teamwork. Preferred Qualifications - Experience in independent supporting the application security of a business line - CTF players, BugBounty experience with reputable statistics in HackerOne, BugCrowd etc.
