Product Security Leader, Global Payment

About the Company Founded in 2012, ByteDance's mission is to inspire creativity and enrich life. With a suite of more than a dozen products, including TikTok as well as platforms specific to the China market, including Toutiao, Douyin, and Xigua, ByteDance has made it easier and more fun for people to connect with, consume, and create content. Why Join Us Creation is the core of ByteDance's purpose. Our products are built to help imaginations thrive. This is doubly true of the teams that make our innovations possible. Together, we inspire creativity and enrich life - a mission we aim towards achieving every day. To us, every challenge, no matter how ambiguous, is an opportunity; to learn, to innovate, and to grow as one team. Status quo? Never. Courage? Always. At ByteDance, we create together and grow together. That's how we drive impact - for ourselves, our company, and the users we serve. Join us. About the Team The Security Assurance Team is researching offensive and defensive technology and skills to continuously improve the company's fundamental security, data security, and business security levels. We strive to minimize the impact of 0-day vulnerabilities and incidents. Our team provides a range of security services, including SDLC, vulnerability management, extreme critical risks discovery, supply chain security, network defense, red teaming, underground market crackdown, threat detection, emergency response, threat intelligence, and information security investigation. Job Responsibilities - Lead the team in conducting security testing before applications go live, routine security checks, penetration testing, app security testing, threat intelligence tracking, and other related tasks. - Systematically assess the risks of our online business, respond to incidents, design risk mitigation solutions, and ensure their effective implementation. - Promote the development of foundational SDLC (Software Development Life Cycle) capabilities, including processes, metrics systems, and automated requirements review capabilities. - Collaborate cross-functionally, working with central platform capabilities to achieve business line security assurance goals.

Minimum Qualifications - Background in Computer Science, Computer Engineering, Information Systems or other STEM disciplines. - Strong knowledge in one or more of the following areas: web application security, mobile app security, cloud security and thick client security. - Proficient in designing security architectures for large-scale systems, as well as in security vulnerability and risk management - Solid experience in writing and reviewing code in at least one of the following programming languages: JavaScript (Node.js), Go, Python, Java, C++, or Rust. - Strong project management skills and a demonstrated ability to work effectively in teams. Preferred Qualifications - Experience in team management - Experience in independently supporting the application security of a business line - CTF players, BugBounty experience with reputable statistics in HackerOne, BugCrowd etc. ByteDance is committed to creating an inclusive space where employees are valued for their skills, experiences, and unique perspectives. Our platform connects people from across the globe and so does our workplace. At ByteDance, our mission is to inspire creativity and enrich life. To achieve that goal, we are committed to celebrating our diverse voices and to creating an environment that reflects the many communities we reach. We are passionate about this and hope you are too.