Lead Cyber Security Operations Center (CSOC) Analyst - USDS

TikTok

Washington (District of Columbia)

Hybrid

USD 106,000 - 221,000

Full time

6 days ago

Job summary

Join a mission-driven team dedicated to safeguarding against evolving cyber threats in a dynamic environment. As a Lead Cyber Security Operations Center Analyst, you'll play a crucial role in protecting sensitive data while enabling innovation. Collaborate with talented professionals, leverage cutting-edge tools, and influence strategic improvements in security operations. This role offers the opportunity to mentor others and drive impactful change, all while working within a hybrid schedule that balances office and remote work. Be part of a culture that values curiosity and resilience, and help shape the future of security.

Benefits

Health Insurance
401(k)
Paid Leave
Stock Options
Flexible Work Schedule

Qualifications

  • 5+ years of experience in security incident response.
  • Strong leadership and collaboration skills in a global SOC team.
  • Knowledge of industry frameworks and technical concepts.

Responsibilities

  • Lead investigations from triage to root cause for security incidents.
  • Mentor SOC analysts through training and real-time guidance.
  • Drive detection engineering and process improvements.

Skills

Security Incident Handling
Communication Skills
Problem Solving
Time Management
Interpersonal Skills
Knowledge of MITRE ATT&CK
Leadership

Tools

Perl
Java
Python
SQL
SIEM
UNIX/Linux
Windows

Job description


Responsibilities

Our Cyber Security Operations Center (CSOC) team is the frontline of defense, responsible for protecting the organization from evolving cyber threats with precision, urgency, and purpose. We’re a mission-driven team that thrives in a high-tempo environment—where curiosity, accountability, and continuous improvement are at the core of everything we do.

We operate a 24/7 global detection and response program, leveraging cutting-edge tools, advanced threat intelligence, and automation to detect, investigate, and respond to threats at scale. More than the technology, it’s our people that make the difference. We’re collaborative, detail-oriented, and deeply committed to safeguarding the business while enabling innovation.

As part of our team, you’ll work on meaningful challenges and shape the evolution of Security Operations. Your responsibilities include driving detection engineering, mentoring analysts, and influencing process improvements—where tactical excellence meets strategic impact.

Our organization follows a hybrid work schedule requiring employees to work in the office 3 days a week or as directed by their manager. This model is regularly reviewed and may change.

Tasks and Responsibilities:

  1. Lead investigations from triage to root cause, coordinating incident response across endpoint, cloud, identity, and SaaS threats.
  2. Mentor and develop SOC analysts through case reviews, training, and real-time guidance during critical incidents.

Qualifications

Minimum Qualifications:

  • 5+ years of experience handling security incidents and responding to advanced threats.
  • Excellent communication skills, leadership, and collaboration, especially in a global, multi-functional SOC team.
  • Strong problem-solving, time management, and interpersonal skills; ability to work under pressure.
  • Knowledge of industry frameworks like MITRE ATT&CK.
  • Cross-disciplinary expertise in IT security and operations; ability to communicate technical concepts broadly.
  • High integrity and leadership qualities.

Preferred Qualifications:

  • Certifications such as GCIA, GCIH, GREM, or relevant experience.
  • Programming/scripting skills (Perl, Java, Python) and SQL experience.
  • Experience in malware analysis, digital forensics, SIEM use case development, and cloud environments (UNIX/Linux, Windows).

About USDS

TikTok’s US Data Security (USDS) division focuses on data protection and content assurance for U.S. users, ensuring safety while enabling creative expression. Our teams span Trust & Safety, Security & Privacy, Engineering, and more.

Data Security Statement

This role involves working with systems that protect sensitive data and will require security screening.

Why Join Us

We foster a culture of curiosity, humility, and impact, encouraging innovation and resilience. Join us to help shape the future of security at TikTok and inspire creativity worldwide.

Diversity & Inclusion

We are committed to an inclusive environment that values diverse perspectives and experiences, reflecting the communities we serve.

USDS Reasonable Accommodation

We provide accommodations for candidates with disabilities or religious needs. Contact us at https://tinyurl.com/USDS-RA for assistance.

Job Information

Salary in Washington, DC: $106,920 - $220,820 annually, with potential bonuses and stock options. Benefits include health insurance, 401(k), paid leave, and more.

Additional Details

  • Seniority level: Mid-Senior level
  • Employment type: Full-time
  • Job function: Engineering and IT
  • Industries: Technology, Information, Internet