About Us

Tik Tok is the leading destination for short-form mobile video and our mission is to inspire creativity and bring joy.

Size: 5001-10000 employees
Industry: Entertainment & Gaming, Social Media, Technology

View Company Profile

Responsibilities

The mission of Tik Tok's Global Security Organization is to build and earn trust by reducing risk and securing our businesses and products. Also known as "GSO", this team is the foundation of our efforts to keep Tik Tok safe, secure, and operating at scale for over 1 billion people around the world. We work to ensure that the Tik Tok platform is safe and secure, that our users' experience and their data remains safe from external or internal threats, and that we comply with global regulations wherever Tik Tok operates.

• Trust is one of Tik Tok's biggest initiatives, and security is integral to our success. In whatever ways users interact with us - whether they're watching videos on their For You page, interacting with a Live video, or buying products on Tik Tok Shop
• GSO protects their data and privacy, so they can have a secure and trustworthy experience.

The Senior Vulnerability Engineer is tasked with the day to day activities of the Vulnerability Management Team. They schedule, conduct, and regularly review vulnerabilities, analyzing for key risks and escalating where needed. They should be aware of current policies and procedures and ensure they are being followed properly. The Senior Vulnerability Engineer should have hands on experience with vulnerability management tools and be able to mentor and advise other team members.

Email Address

Send me The Muse newsletters for the best in career advice and job search tips.

Get jobs!

Responsibilities:Vulnerability Assessment- Thoroughly review, evaluate and validate vulnerability reports received from security researchers, vendors, or internal sources to determine their legitimacy and impact on our applications. Evaluate vulnerabilities based on severity and reduce false positives- Provide expert guidance and recommendations to development teams on how to effectively remediate/patch vulnerabilities, including code changes, configuration adjustments, and best practices in secure coding Documentation and Reporting:

• Develop processes and document procedures for use by other team members and to enhance efficiencies- Maintain regular communication with Vulnerability Management Lead and organizational management for collaboration, process optimization, tools tuning, and information sharing Security Awareness Training:
• Promote security awareness within the organization by conducting training sessions, sharing insights on emerging threats, and fostering a culture of security consciousness Scripting Coding & Automation:
• Develop scripts, plugins, or integrations to automate repetitive tasks and streamline workflows- Develop custom tools or applications to address specific automation needs within the vulnerability management process- Write and maintain scripts (e.g., Python, PowerShell) to automate vulnerability scanning, analysis, and remediation activities Compliance & Audit Support:
• Participate in audits and assessments to validate vulnerability management processes- Implement controls to address compliance requirements related to vulnerabilities- Assist in the preparation of security reports for compliance and audit purposes Qualifications

Minimum Qualifications:

• Knowledge of common vulnerabilities, vulnerability scoring systems (e.g. CVSSv3) and remediation steps (e.g., OWASP Top 10, Patch Management)
• Hands-on experience in testing web and mobile applications, including manual and automated testing, with a strong understanding of the software development lifecycle (SDLC)
• Hands-on experience with cloud platforms (AWS, Azure, GCP) and container technologies (Docker, Kubernetes).
• Knowledge of container security best practices (e.g., container hardening, image scanning, runtime security) and familiarity with security scanning tools for cloud environments (e.g., Prisma Cloud, Aqua Security, Sysdig)
• Ability to conduct root cause analysis against vulnerabilities and determine feasible technical solutions
• Ability to work alongside other security functions to determine vulnerability scoring and impact
• Strong communication, analytical and problem-solving skills

Preferred Qualifications:

• Bachelor's Degree or industry equivalent work experience in vulnerability management in a security program
• Approximately 5+ years of applicable experience
• CISSP, CISM, or equivalent certification
• Experience with external bug bounty programs (e.g., Hacker One, Bugcrowd) is a plus
• Hands on operational experience with vulnerability management tools (e.g. Qualys, Nexpose) including the ability to deploy, configure, and run these tools
• Familiarity with vulnerability management across SaaS and IaaS cloud platforms (e.g., AWS, Google Cloud, etc.)
• Ability to handle large datasets and perform vulnerability analysis
• Working knowledge/experience with Python, SQL and REST APIs
• Ability to handle ambiguity and collaborate with a global team
• Ability to coach junior staff and contractors

Client-provided location(s): Singapore

Job ID: Tik Tok-7465879852470716690

Employment Type: OTHER

Posted: 2025-02-04T00:34:51
Search all jobs

Perks and Benefits

Health and Wellness

• Health Insurance
• Dental Insurance
• Vision Insurance
• HSA
• Life Insurance
• Fitness Subsidies
• Short-Term Disability
• Long-Term Disability
• On-Site Gym
• Mental Health Benefits
• Virtual Fitness Classes

Parental Benefits

• Fertility Benefits
• Adoption Assistance Program
• Family Support Resources

Work Flexibility

• Flexible Work Hours
• Hybrid Work Opportunities

Office Life and Perks

• Casual Dress
• Snacks
• Pet-friendly Office
• Happy Hours
• Some Meals Provided
• Company Outings
• On-Site Cafeteria
• Holiday Events

Vacation and Time Off

• Paid Vacation
• Paid Holidays
• Personal/Sick Days
• Leave of Absence

Financial and Retirement

• 401(K) With Company Matching
• Performance Bonus
• Company Equity

Professional Development

• Promote From Within
• Access to Online Courses
• Leadership Training Program
• Associate or Rotational Training Program
• Mentor Program

Diversity and Inclusion

• Diversity, Equity, and Inclusion Program
• Employee Resource Groups (ERG)

Company Videos

Hear directly from employees about what it is like to work at Tik Tok.

Search all jobs

Similar Jobs

Suggested Searches

Management jobssenior jobsTikTok jobsAll jobs

Search Additional Jobs

Senior Vulnerability Management Specialist Jobs in SingaporeJobs in SingaporeManagement JobsManagement Jobs in Singapore