Tik Tok

Detection Engineer, US Threat Led Defense (USTLD) - USDS

Tik Tok, New York, New York, us, 10261


Responsibilities

About the Team

This role reports to the Threat Led Defense (USTLD) team lead. USTLD's mission is to ensure that the Threat Detection and Response organization can detect and mitigate the most critical threats to our user data, employees, and operations. As a detection engineer, you will onboard, write, and tune detection logic for various network, endpoint, and cloud security use cases.

Ideal Candidate

You are a self-starter comfortable operating in a fast-paced environment. You want to work with cross-functional teams on diverse use cases. You seek a high-impact individual contributor role within a growing team. You enjoy tackling complex or novel challenges. Our organization follows a hybrid work schedule requiring employees to work in the office 3 days a week, subject to change based on departmental review.

Tasks and Responsibilities

Assess threat actor tradecraft and develop countermeasures with intelligence and engineering teams. Onboard and tune detection logic from commercial and internal products. Analyze threat actor TTPs using MITRE ATT&CK and assess detection coverage with MITRE DeTT&CT. Develop custom rules to fill detection gaps. Collaborate with logging teams to onboard new log sources to our SIEM. Contribute to threat hunts and purple team exercises. Build and maintain a threat detection library. Develop enrichment pipelines and automation to improve detection fidelity.

Qualifications

Minimum Qualifications

Bachelor's degree or equivalent experience in Computer Science, Information Security, or a related field, with 5+ years in security operations, threat detection, or incident response. 2+ years of experience with Splunk: data ingestion, advanced queries, dashboards; proficiency in SPL. Proficiency in Python, PowerShell, YAML, or JavaScript. Experience with security logging for Linux and macOS, and working with internal tools, SQL, or Lucene. Knowledge of network security devices such as firewalls and proxies. Strong communication and analytical skills, and experience mapping TTPs to MITRE ATT&CK.

Preferred Qualifications

Experience with Linux detection tools such as auditd and osquery. Experience with IDS variables, MITRE DeTT&CT, and detections-as-code. Experience with XSOAR or similar SOAR platforms, and with attack simulation frameworks. Relevant certifications such as OSCP, CISSP, GREM, etc.

About USDS

TikTok's US Data Security (USDS) division focuses on data protection policies and safeguarding U.S. user data, ensuring platform security and compliance.

Data Security Statement

This role involves working with systems that handle sensitive data and will require security screening.

Why Join Us

Join TikTok to be part of a creative, innovative, and diverse team that values curiosity, humility, and impact. We foster a culture of learning, resilience, and continuous improvement.

Diversity & Inclusion

We are committed to creating an inclusive environment that values diverse perspectives and experiences.

USDS Reasonable Accommodation

USDS provides accommodations for candidates with disabilities or other protected reasons. Contact us at for assistance.