Senior Security Analyst - Insider Risk Tier 3 - TikTok

Key Responsibilities

• Lead Tier 3 investigations of insider‑related security incidents, from detection through remediation and post‑mortem analysis.
• Design, implement, and tune SIEM detection rules and analytics to identify anomalous user behavior across cloud and on‑premise environments.
• Develop automated response scripts and tooling, primarily using Python, to accelerate incident handling and evidence collection.
• Collaborate with product, engineering, and legal teams to assess insider risk, define mitigation strategies, and ensure compliance with global regulations.
• Mentor junior analysts, conduct threat‑hunting exercises, and contribute to continuous improvement of the insider risk program.

Requirements

• 5+ years of experience in security operations, with a focus on insider threat detection and response.
• Strong proficiency in SIEM platforms (e.g., Splunk, QRadar) and scripting languages such as Python.
• Deep understanding of cloud security concepts (AWS, GCP, Azure) and experience securing data in cloud environments.
• Proven ability to analyze complex logs, conduct forensic investigations, and produce clear, actionable reports.
• Excellent communication skills and a collaborative mindset for working across global, cross‑functional teams.