Job Description

About the Company
Founded in 2012, ByteDance\'s mission is to inspire creativity and enrich life. With a suite of more than a dozen products, including TikTok, Helo, and Resso, as well as platforms specific to the China market, including Toutiao, Douyin, and Xigua, ByteDance has made it easier and more fun for people to connect with, consume, and create content.

Why Join Us
Creation is the core of ByteDance\'s purpose. Our products are built to help imaginations thrive. This is doubly true of the teams that make our innovations possible.
Together, we inspire creativity and enrich life - a mission we aim towards achieving every day.
To us, every challenge, no matter how ambiguous, is an opportunity; to learn, to innovate, and to grow as one team. Status quo? Never. Courage? Always.
At ByteDance, we create together and grow together. That\'s how we drive impact - for ourselves, our company, and the users we serve.
Join us.

About the Security Assurance Team at ByteDance
The team is missioned to build infrastructures, platforms and technologies, as well as to support cross-functional teams to protect our users, products and infrastructures. In this team, you\'ll have a unique opportunity to have first-hand exposure to the strategy of the company in key security initiatives, especially in building scalable and secure-by-design systems and solutions. Our challenges are not your regular day-to-day technical problems; you\'ll be part of a team that\'s developing new solutions to new challenges of a kind not previously addressed by big tech. It\'s working fast, at scale, and we\'re making a difference.

Responsibilities

• Develop and implement internal security risk management programs (e.g. comprehensive audit loggings, insider threat detections, privileged access management & governance), procedures and controls to prevent/detect/respond to incidents.
• Perform risk assessment and assess them professionally. Develop mitigation strategies to minimize the impact of relevant incidents.
• Perform insider threat detection operations and cooperate with stakeholders to design programs based on risk scenarios.
• Work with stakeholders from Engineering, SecOps, IT, Legal, HR, Ethics to ensure that all aspects of internal information security risk are addressed.
• Research industry best practices and technologies. Perform industry benchmarking and gap analysis.
• Bachelor\'s degree in a relevant field, such as information security, cyber security, risk management.
• At least 3 years of experience in a similar role, with a proven track record of managing internal security risk and consultancy experience is a bonus.
• Experience developing and implementing internal security risk management policies, procedures and riskcontrols. Knowledge of risk assessment methodologies and tools.
• Calm and composed personality, a strong inclination towards learning and a team-oriented mindset.

Preferred Requirements

• Experience in dealing with insider threat indicators such as employee unusual access patterns.
• Experience in building an insider threat program.

ByteDance is committed to creating an inclusive space where employees are valued for their skills, experiences, and unique perspectives. Our platform connects people from across the globe and so does our workplace. At ByteDance, our mission is to inspire creativity and enrich life. To achieve that goal, we are committed to celebrating our diverse voices and to creating an environment that reflects the many communities we reach. We are passionate about this and hope you are too.