Security Engineer - Offensive Security, Native

Social network you want to login/join with:

TikTok

London, United Kingdom

Yes

TikTok is the leading destination for short-form mobile video. At TikTok, our mission is to inspire creativity and bring joy. TikTok's global headquarters are in Los Angeles and Singapore, and its offices include New York, London, Dublin, Paris, Berlin, Dubai, Jakarta, Seoul, and Tokyo.

Why Join Us: Creation is the core of TikTok's purpose. Our products are built to help imaginations thrive. This is doubly true of the teams that make our innovations possible. Together, we inspire creativity and enrich life - a mission we aim towards achieving every day. To us, every challenge, no matter how ambiguous, is an opportunity; to learn, to innovate, and to grow as one team. Status quo? Never. Courage? Always. At TikTok, we create together and grow together. That's how we drive impact - for ourselves, our company, and the users we serve. Join us.

The team's mission is to build secure infrastructure, platforms, and technologies, as well as to support cross-functional teams to protect our users, products, and infrastructure. In this team, you'll have a unique opportunity to have first-hand exposure to the strategy of the company in key security initiatives, especially in building scalable and secure-by-design systems and solutions. Our challenges are not your regular day-to-day technical problems; you'll be part of a team that's developing new solutions to new challenges of a kind not previously addressed by big tech. It's working fast, at scale, and we're making a difference.

1. Conduct vulnerability research of the native components of the most critical systems and products (mobile and desktop apps, cloud).
2. Collaborate closely with other security and product teams to design defense-in-depth controls that limit attackers' ability and improve our security posture.
3. Drive secure-by-default and automation initiatives to boost native components' security.
4. Monitor and analyze emerging cyber threats, vulnerabilities, and exploits relevant to our infrastructure, technologies, and products.
5. Bring insight into all aspects of modern security issues to our products and rapidly developing prototypes for mitigations.
6. Support Red Team with vulnerability research and exploit development.

1. Bachelor's degree in Computer Science, Computer Engineering, Electrical Engineering, or other relevant majors.
2. 3+ years of experience in ethical hacking, vulnerability research, product security, exploit development, or being a member of a red team.
3. First-hand experience in C/C++ reviews, fuzzing, reverse engineering, and binary exploitation.
4. Advanced knowledge and understanding in at least one of the following disciplines: end-user device security, cloud computing, operating system internals and hardening, mobile and desktop app security, network security, applied cryptography.
5. Strong problem-solving skills and excellent debugging/troubleshooting skills.