Job Description
About the Team
The Security Assurance Team is researching offensive and defensive technology and skills to continuously improve the company's fundamental security, data security, and business security levels. We strive to minimize the impact of 0-day vulnerabilities and incidents. Our team provides a range of security services, including SDLC, vulnerability management, extreme critical risks discovery, supply chain security, network defense, red teaming, underground market crackdown, threat detection, emergency response, threat intelligence, and information security investigation.
- Propose, plan, and execute Red Team Operations to determine if infrastructure components, systems and applications meet confidentiality, integrity, authentication, availability, authorisation, and nonrepudiation standards based on realistic threats to the organization.
- Maintain a deep understanding of ByteDance Enterprise Products, how they work, and how they could be attacked or abused.
- Conducts security exercises that emulate real-world threats, TTPs that are most relevant to our organization.
- Translate requirements into test plan, write and execute test scripts or codes in line with standards and procedures to determine vulnerability to attacks.
- Certify infrastructure components, systems and applications that meet security standards.
- Write detailed reports covering the goals and outcomes of Red Team operations, including significant observations and recommendations.
- Collaborate across multiple defense/product teams to propose enhancements and improve current security offerings.
