Responsibilities
About the Security Assurance Team at ByteDance The team is missioned to build infrastructures, platforms and technologies, as well as to support cross-functional teams to protect our users, products and infrastructures. In this team, you'll have a unique opportunity to have first-hand exposure to the strategy of the company in key security initiatives, especially in building scalable and secure-by-design systems and solutions. Our challenges are not your regular day-to-day technical problems you'll be part of a team that's developing new solutions to new challenges of a kind not previously addressed by big tech. It's working fast, at scale, and we're making a difference. Responsibilities - Provide security engineering support to product teams to help identify potential security flaws in the early stages of SDLC. - Continuously design and conduct penetration testing to determine if infrastructure components, systems and applications meet security standards in the staging/production environment. - Discover security issues that appear under new threat scenarios, support incident response, forensics, remediation in a cross-functional environment driving towards incident resolution. - Collaborate closely with other parts of the security team and product teams to design defense-in-depth controls that limit attackers ability and improve our security postures. - To identify risks and actively take ownership to resolve any potential security project issues. - Continuously conduct security research and strive to innovate.
Qualifications
Minimum Qualifications - Background in Computer Science, Computer Engineering, Information Systems or other STEM disciplines. - Strong knowledge in some of these various disciplines: web application security, mobile app security, cloud security and thick client security. - Solid experience in writing and reviewing code in at least one of the following programming languages: JavaScript (Node JS), Go, Python, Java, C++, Rust. - Good project management skills and focused teamwork. Preferred Qualifications - Experience in independent supporting the application security of a business line - CTF players, BugBounty experience with reputable statistics in HackerOne, BugCrowd etc.
