TikTok · 1 hour ago
Vulnerability and Remediation Analyst - USDS
Washington, DC
Full-time
Onsite
Mid, Senior Level
$107K/yr - $243K/yr
5+ years expTikTok is the leading destination for short-form mobile video, and they are seeking a Vulnerability and Remediation Analyst to join their U.S. Data Security team. This role involves managing the operational lifecycle of security findings, ensuring effective communication between teams, and driving accountability in security risk reduction.
Content CreatorsContent DiscoveryMedia and EntertainmentSocial MediaVideo
Responsibilities
Remediation Lifecycle Management: Meticulously manage the end-to-end lifecycle of all assigned security findings, including vulnerabilities, incidents, OSO reports, and AVA audit findings
Finding Triage and Validation: Triage incoming security findings, validate their severity and scope, and ensure all necessary context is documented before assignment to remediation teams
Assignment and Tracking: Utilize the central remediation tracking system to assign findings to correct asset owners, set target remediation deadlines, and proactively track progress against Service Level Objectives (SLOs)
Cross-Functional Communication: Act as the primary point of contact between remediation teams (Engineering, DevOps) and finding teams (OSO, AVA, EIR), facilitating communication and overcoming roadblocks to expedite closure
Reporting Input: Collect, clean, and organize remediation data to feed into the SOA team's central operational dashboard and authoritative executive risk reports
Verification of Closure: Work with asset owners to verify that fixes are implemented correctly and effectively, closing out tickets only when remediation is confirmed
Process Adherence: Ensure all remediation activities adhere to established SOA governance models and standard operating procedures (SOPs)
Qualification
Required
5+ years of experience in Information Security, with a focus on Vulnerability Management, Incident Response, or Security Operations
Technical Security Knowledge: Foundational understanding of common security vulnerabilities (e.g., OWASP Top 10), modern infrastructure, and cloud environments
Organizational Skills: Proven ability to manage a large volume of simultaneous tracking items and drive accountability across multiple technical teams
Tool Proficiency: Direct experience using ticketing and tracking systems (e.g., JIRA, ServiceNow) and vulnerability scanners
Preferred
Security Certifications: Security+ or Certified Ethical Hacker (CEH) or similar from SANS
Communication: Experience in a liaison role, successfully managing complex stakeholder relationships in a fast-paced environment
Metrics Experience: Familiarity with generating basic reports or metrics from security or ticketing data to demonstrate trends and progress
Process Improvement: Experience identifying and recommending improvements to remediation workflows
Benefits
Medical, dental, and vision insurance
401(k) savings plan with company match
Paid parental leave
Short-term and long-term disability coverage
Life insurance
Wellbeing benefits
10 paid holidays per year
10 paid sick days per year
17 days of Paid Personal Time (prorated upon hire with increasing accruals by tenure)
Company
TikTok
TikTok is a short-form video entertainment app and social network platform. It is a sub-organization of ByteDance.
10001+ employees
H1B Sponsorship
TikTok has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (979)
2024 (601)
2023 (387)
2022 (322)
2021 (133)
2020 (72)
Funding
Current Stage
Late StageLeadership Team
N Ali Mohamed
CEO
Blake Chandlee
VP Global Business Solutions
Recent News
2025-12-31
2025-12-30
Company data provided by crunchbase