Business Red Team Engineer - Global E-Commerce

ByteDance founded in 2012, is on a mission to inspire creativity and enrich life. With a suite of more than a dozen products, including TikTok, Lemon8, CapCut and Pico as well as platforms specific to the China market, ByteDance has made it easier and more fun for people to connect with, consume, and create content.

Inspiring creativity is at the core of ByteDance's mission. Our innovative products are built to help people authentically express themselves, discover and connect – and our global, diverse teams make that possible. Together, we create value for our communities, inspire creativity and enrich life - a mission we work towards every day.

As ByteDancers, we strive to do great things with great people. We lead with curiosity, humility, and a desire to make impact in a rapidly growing tech company. By constantly iterating and fostering an "Always Day 1" mindset, we achieve meaningful breakthroughs for ourselves, our Company, and our users. When we create and grow together, the possibilities are limitless. Join us.

Diversity & Inclusion

ByteDance is committed to creating an inclusive space where employees are valued for their skills, experiences, and unique perspectives. Our platform connects people from across the globe and so does our workplace. At ByteDance, our mission is to inspire creativity and enrich life. To achieve that goal, we are committed to celebrating our diverse voices and to creating an environment that reflects the many communities we reach. We are passionate about this and hope you are too.

As part of ByteDance's Security Department, Security BP team is not only responsible for the security and risk management of the Monetization business, but also plays an important role in connecting and building trust between the business and security team. Leveraging on various capabilities provided by the Security Department, we ensure the business and customer data are secured by providing high-quality services to the Monetization business, such as platform security, product security, business security and compliance governance.

1. Deep understanding of ByteDance's Global E-commerce business, including its risk landscape and how they could be attacked or abused. Conduct adversarial simulation exercises, attack attribution, and remediation of business security issues.
2. Research the latest tools and techniques employed by underground markets, collect relevant intelligence, perform traceback analysis, and conduct ongoing Red Team exercises for global e-commerce. Produce detailed reports with actionable recommendations to optimize existing security solutions.
3. Drive research and planning of cutting-edge security technologies based on business needs, establish a business security Red Team system, and develop offensive security capabilities along with Red Team tooling platforms.
4. Collaborate with multiple develop and product teams to make requirements into test plans, and develop/execute test scripts or code compliant with standards and procedures.

1. Proficient in reverse engineering for Android/iOS/web platforms, with experience countering common obfuscation, anti-debugging, and jailbreak/root detection techniques.
2. Familiar with the operational models of underground market ecosystems and various cheating methods, with substantial experience in penetration testing, data analysis, and data mining for business security and risk control.
3. Prior involvement in large-scale risk control system development, or practical experience in threat intelligence/business risk prevention, underground market analysis and countermeasures is preferred.
4. Strong data mining, summarization, and communication skills, with the ability to independently produce detailed data analysis reports and documentation.

1. Possess penetration testing skills, or have experience in HVV (cyber defense exercises), CTF competitions, SRC vulnerability discovery, or related fields.
2. Experience in formulating risk control strategies, particularly in anti-crawler and traffic anti-fraud domains.