Cloud Security Architect, BytePlus

Responsibilities

About the Company
Founded in 2012, ByteDance's mission is to inspire creativity and enrich life. With a suite of more than a dozen products, including TikTok as well as platforms specific to the China market, including Toutiao, Douyin, and Xigua, ByteDance has made it easier and more fun for people to connect with, consume, and create content.

Why Join Us
Creation is the core of ByteDance's purpose. Our products are built to help imaginations thrive. This is doubly true of the teams that make our innovations possible.
Together, we inspire creativity and enrich life - a mission we aim towards achieving every day.
To us, every challenge, no matter how ambiguous, is an opportunity; to learn, to innovate, and to grow as one team. Status quo? Never. Courage? Always.
At ByteDance, we create together and grow together. That's how we drive impact - for ourselves, our company, and the users we serve.
Join us.

About the Team
The Cloud Security team owns security for all services offered by Volcano Engine & BytePlus which is a cloud service provider owned by ByteDance, including IaaS, PaaS and SaaS. Join our forward-thinking security team dedicated to securing our cloud infrastructure with cutting-edge technologies and best practices. You will have the opportunity to design and implement robust security solutions for our cloud environments, ensuring the protection of sensitive data and the resilience of our systems.

Job Responsibility
1. Design, implement, and oversee cloud security architecture, encompassing physical hardware, operating system, cloud-native application, data security and privacy protection, insider threats and generative AI.
2. Develop and enforce cloud security policies, standards, and procedures in alignment with industry regulations and best practices.
3. Conduct security risk assessments, security training, and vulnerability assessments to identify and address security gaps proactively.
4. Collaborate with cross-functional teams to integrate security controls into cloud products and underlying infrastructure.
5. Stay abreast of emerging cloud security trends, technologies, and threats, providing guidance on security strategies and solutions.

Qualifications

Minimum Qualifications
1. Familiar with the principles of common risks, attack and defense strategies; Understand how to systematically lead security architecture and risk governance.
2. Familiar with cloud-native and infrastructure technologies such as network access, LLM, big data, storage, cloud computing, microservices, zero trust, etc.
3. Familiarity with container security technologies (e.g., Docker, Kubernetes) and serverless security best practices.
4. Proficient in at least one language in Golang, Python, Java, or NodeJS, capable of doing code auditing/reviews and development.
5. Knowledge of security frameworks and standards (e.g., CIS Benchmarks, GDPR, HIPAA).
6. Strong communication and excellent teamwork skills. With professional working ethics, and have a keen risk awareness. Results orientated, aiming for long-term growth in this field.

Preferred Qualifications
1. Experience of discovering major impactful vulnerabilities domestically or internationally / winning large-scale security competitions is a plus.
2. Priority given to those who have led or participated in large-scale governance, architecture, and design projects.
3. Strong understanding of cloud computing platforms (e.g., AWS, Azure, GCP) and cloud security best practices.

ByteDance is committed to creating an inclusive space where employees are valued for their skills, experiences, and unique perspectives. Our platform connects people from across the globe and so does our workplace. At ByteDance, our mission is to inspire creativity and enrich life. To achieve that goal, we are committed to celebrating our diverse voices and to creating an environment that reflects the many communities we reach. We are passionate about this and hope you are too.