About the Team

The team is missioned to build infrastructures, platforms and technologies, as well as to support cross-functional teams to protect our users, products and infrastructures. In this team you'll have a unique opportunity to have first-hand exposure to the strategy of the company in key security initiatives, especially in building scalable and secure-by-design systems and solutions. Our challenges are not your regular day-to-day technical problems; you'll be part of a team that's developing new solutions to new challenges of a kind not previously addressed by big tech. It's working fast, at scale, and we're making a difference.

We are looking for talented individuals to join our team in 2026. As a graduate, you will get opportunities to pursue bold ideas, tackle complex challenges, and unlock limitless growth. Launch your career where inspiration is infinite at Tik Tok.

Successful candidates must be able to commit to an onboarding date by end of year 2026. Please state your availability and graduation date clearly in your resume.

Candidates can apply to a maximum of two positions and will be considered for jobs in the order you apply. The application limit is applicable to Tik Tok and its affiliates' jobs globally. Applications will be reviewed on a rolling basis - we encourage you to apply early.

Responsibilities

As a Graduate Application Security Engineer, you will be at the forefront of our efforts to embed security into the entire product lifecycle. You will work alongside various engineering teams to secure our applications, from design to deployment. Your responsibilities will include:

• Assisting in the design and execution of security assessments, including code reviews, penetration testing, and threat modeling for web and mobile applications.
• Design and develop security tooling to identify vulnerabilities and optimise the product security review process.
• Perform architecture and design reviews to ensure that our applications are implemented to the highest security and privacy standards, thus maintaining and enhancing user trust.
• Work closely with software engineering teams to provide security guidance and co-design complex production systems.
• Discover security issues that appear under new threat scenarios, support incident response, forensics, remediation in a cross-functional environment driving towards incident resolution.

Qualifications

Minimum Qualifications

• Final year or recent graduate with a background in Computer Science, Cybersecurity, Software Engineering, or a related technical discipline.
• Experience in writing and reviewing code in at least two of the following programming languages: Kotlin, Swift, TypeScript, Go, Python, Rust.
• Solid knowledge and understanding in various disciplines: web application security, mobile app security, network security, applied cryptography. You're expected to be familiar with at least one of these areas.
• Familiarity with common security risks, including their principles, attack and defense strategies, and systematic governance and construction approaches.
• Self-driven and capable of coping with ambiguity and applying theoretical concepts in practice.
• Demostrate interest in cybersecurity.
• Strong problem-solving skills and excellent debugging / troubleshooting skills.

Preferred Qualifications

• CTF players, live competitions and hacking events experience.
• CVEs such as remote code execution are preferred.
• Bug Bounty experience with reputable statistics in Hacker One, Bug Crowd etc.

Additional Information

By submitting an application for this role, you accept and agree to our global applicant privacy policy, which may be accessed here: https://careers.tiktok.com/legal/privacy

If you have any questions, please reach out to us at apac-earlycareers@tiktok.com