Security Specialist (Detection & Response) - TikTok Shop

Responsibilities

TikTok Shop is a content e-commerce business with international short video product as the carrier. It is committed to becoming the first choice for users to discover and purchase good products with affordable prices. TikTok Shop business team hopes to provide users with more tailored and efficient consumption experience, enabling merchants to receive reliable platform services in different scenarios such as live e-commerce, short video content e-commerce, thereby making more affordable and high-quality products easily accessible and improving lives.

The E-commerce Security team is responsible for safeguarding the platform's security and creating a safe, trustworthy shopping and business environment for TikTok Shop: allowing consumers to shop with confidence, sellers to operate with peace of mind, and influencers to focus on the enjoyment of bringing goods. Responsibilities: - Identify and resolve security risks across global e-commerce platforms; drive implementation of security projects.

- Build and optimise SDLC processes; focus on privacy security and data leak prevent, design and deployment of security solutions. - Projects security evaluate, systems pentest, vulnerability scan and operations. - Collect, validate, and trace intelligence about underground(black industries); security incident emergency response.

Minimum Qualifications:

• Bachelor's or higher degree in Computer Science, Information Technology, Programming & System Analysis, Science (Computer Studies) or related discipline.


• Experience with SDLC for large-scale business systems; hands-on experience across each point of SDLC processes.


• Expertise in web vulnerabilities exploitation and OWASP Top 10; deep understanding of vulnerability fix solutions.


• Experience leading large-scale cross-team security projects; strong collaboration, communication, and documentation skills.

Preferred Qualifications:

• Understanding and ability to identify/resolve security risks of global e-commerce business scenarios (e.g., merchants, logistics, supply chain, open platforms, influencer alliances, agencies, group leaders, service providers).


• Analyse technical architectures of complicated data call chains and identify security risks; designing security control solutions.


• Identify security risks with massive traffics and large datasets correlation analysis.