IT Security Engineer (Multiple Positions)

ResponsibilitiesAbout ByteDanceFounded in 2012, ByteDance's mission is to inspire creativity and enrich life. With a suite of more than a dozen products, including TikTok, Helo, and Resso, as well as platforms specific to the China market, including Toutiao, Douyin, and Xigua, ByteDance has made it easier and more fun for people to connect with, consume, and create content.

Why Join UsCreation is the core of ByteDance's purpose. Our products are built to help imaginations thrive. This is doubly true of the teams that make our innovations possible.

Together, we inspire creativity and enrich life - a mission we aim towards achieving every day. To us, every challenge, no matter how ambiguous, is an opportunity;

to learn, to innovate, and to grow as one team. Status quo? Never. Courage? Always. At ByteDance, we create together and grow together.

That's how we drive impact - for ourselves, our company, and the users we serve. Join us. About the TeamOur team plays a crucial role in ensuring the company’s success.

We seek people who are willing to learn and put in the effort to solve problems. Our challenges are not your regular day-to-day problems - you’ll be part of a team that’s developing new solutions to new challenges.

It’s working fast, at scale, and we’re making a difference. We are looking for talents to join us on this exciting journey! Responsibilities- Provide technical solutions for access control, supply chain defense, and IT SOC platform by monitoring and analyzing emerging cyber threats and vulnerabilities relevant to the IT infrastructure.

• Design and manage tailored enterprise-wide security risk assessment process.- Provide global end-user support on all IT Security related issues and any new rollout of services.
• Perform Vulnerability Management and Patching services for global office endpoints by responding to public vulnerability alerts, compiling remediation plan, and tracking remediation rate.
• Scan the global CORP network and assess the discovered vulnerabilities risk level and deploy Windows patches with centralized WSUS.
• Act as a Point of Contact (POC) regarding global office network security for internal audit and external audit such as ISO27001 / SOC2 certification.
• Provide localizing security awareness training for global users.- Perform Digital Forensic Investigation & Analysis remotely for global regions.
• QualificationsQualificationsMust have a Master’s degree in Computer Science, Engineering (any), Information Technology, Information Assurance, Cybersecurity, or a related field, and 2 years of related work experience;

OR a Bachelor's degree in Computer Science, Engineering (any), Information Technology, Information Assurance, Cybersecurity, or a related field, and 5 years of post bachelor’s, progressive related work experience.

• Of the required experience, must have 2 years of experience in each of the following : - Designing and evolving enterprise-wide automated security processes and streamlining security operations including risk assessment, incident response, and vulnerability management;
• Performing security vulnerability management on company's global internal network and remediating the vulnerabilities by pushing patches and / or workarounds through cross-functional collaborations;
• Coordinating security incident response, investigation, review, and security alert analysis and conducting remote Digital Forensic Analysis;
• Providing security incident documentation, follow-up, and resolving incidents through cross-functional collaborations;- Supporting internal security audits and ISO27001 / SOC2 audit activities;

and- Compiling tailored security policies, standards, and guidance to improve security standards. Type : Full time, 40 hours / weekLocation : San Jose, CASalary Range : $187262 - $269800 per year To