Job description

Responsibilities
TikTok is the leading destination for short-form mobile video. Our mission is to inspire creativity and bring joy. TikTok has global offices, including Los Angeles, New York, London, Paris, Berlin, Dubai, Mumbai, Singapore, Jakarta, Seoul, and Tokyo.

Why Join Us

At TikTok, our people are humble, intelligent, compassionate and creative. We create to inspire - for you, for us, and for more than 1 billion users on our platform. We lead with curiosity and aim for the highest, never shying away from taking calculated risks and embracing ambiguity as it comes. Here, the opportunities are limitless for those who dare to pursue bold ideas that exist just beyond the boundary of possibility. Join us and make impact happen with a career at TikTok.

Our United States Data Security (USDS) function provides services to TikTok's US market using four principles that guide our strategic and tactical operations. First, we champion trust and transparency, leading the charge in organizational transparency and execution of security and privacy capabilities that drive customer trust. Second, we are a business catalyst and enabler, embodying the DNA of technical innovation. Third, we drive risk-informed and empowered decision-making, giving our business leaders the information needed to make key decisions. Finally, we proactively identify and reduce risk while enabling innovative product development – to consistently build sustainable world-class and trusted security capabilities.

As a direct report to the Data Protection Senior Analyst within Business Operations Protection, you will be a part of the Data Defense team responsible for Enterprise Data Defense and Access Assurance Operations. The Data Defense and Access Assurance team's primary focus is TikTok's global data protection operations across servers, endpoints, and cloud. As Data Protection Operations Analyst, you will be responsible for supporting the Data Defense Senior Analyst along with a team of cross-functional cyber, privacy, engineering, and data protection analysts to define, implement, manage, and measure controls to protect data in accordance with relevant geographical regulations, contractual commitments, and confidentiality requirements.

In your capacity as a key contributor within Enterprise Data Defense Operations, you are part of a team that manages the security of TikTok data through the entire data lifecycle, from creation to destruction. This will include identification, classification, protection of data, and management of the company’s source code and versioning repository. In addition, you will be responsible for managing data remediation workflows and tracking risks and issues. Finally, you and your team will create a strategy for the control environment that protects TikTok data. This will entail understanding requirements, designing controls, and ultimately managing the on-going operation of those controls. Your team will also be responsible for investigating and resolving incidents that involve theft or loss of intellectual property.

The candidate must be skilled in conducting analysis of data, security, and business problems, as well as threats, incidents, investigations, workforce protection, and other general security-related issues. The candidate must also have the ability to communicate well, collaborate with cross-functional and individual contributor teams, participate in coordinating response and defensive actions over a variety of security disciplines, and disseminate security information as appropriate in support of TikTok's critical business, go to market, and operational infrastructure needs.

Tasks and Responsibilities

• Develop business and regulatory requirements to support development and selection of data protection technologies
• Perform triage and analysis of data output from data protection technologies and tools
• Analyze data to determine trends and areas for to improve data security as part of business processes
• Support interactions with Risk and Compliance to understand control requirements and provide information to support findings for non-compliance with internal security policies
• Support interactions with System and business owners to understand respective system requirements and business processes in order to provide valuable recommendations for data security enhancements

Qualifications

Knowledge and Skills:

• Excellent analytical and problem-solving skills
• Excellent communication skills (verbal and written), ability to influence without authority
• Works well under pressure within time/budget constraints to solve problems, adjust quickly to shifting priorities, and make decisions with limited information
• Ability to balance risks in ambiguous and complex situations
• Demonstrated teamwork and collaboration skills, in particular in leading or contributing to global and cross-functional teams
• Highly motivated to contribute and grow within a complex area of emerging importance
• Ability to communicate technical concepts to a broad range of technical and non-technical staff
• Strong understanding of:
• Data security tools, processes, and procedures
• Data lifecyle and protection of data throughout
• Interpretation of numeric data and statistical principles
• IP and Source Code protection tools, policies, and procedures
• Data classification, labelling, and data usage

Minimum Qualifications:

• Bachelors’ Degree or industry equivalent work experience in cybersecurity, international security architecture, and/or engineering in a converged security program
• 3+ years applicable experience
• High degree of integrity and trustworthiness and the ability to lead and inspire change
• Demonstrate ability to quickly assimilate to new knowledge and remain current on new developments in cybersecurity capabilities and industry knowledge
• Experience building and growing a team to meet strategic and tactical objectives; mentoring and coaching staff
• In-depth experience in the following:
• Microservices architecture
• Data leakage/content monitoring and filtering
• Data classification and privacy policies
• Logging, monitoring, and security event management
• Secure information storage
• Data classification, labelling, and data usage
• Identification of data security risks

Preferred Qualifications:

• CISSP, SSCP, CAP, CCSP, CISM or applicable experience in the Information Security field
• Experience using one or more programming/scripting languages (e.g., Python, Go, Java, etc.)
• Familiarity with source code management tools (e.g., Github, Bitbucket)
• Familiarity with securing data across SaaS and IaaS cloud platforms (e.g., AWS, Google Cloud Platform)
• Familiarity with database technologies such as Graph databases, Kafka queues, Redis, Mongo and other non-relational databases
• Familiarity with regulatory privacy landscape (e.g., GDPR, CCPA)
• Be able to handle ambiguity and collaborate with a global team
• Be comfortable communicating with business executives and technical teams

TikTok is committed to creating an inclusive space where employees are valued for their skills, experiences, and unique perspectives. Our platform connects people from across the globe and so does our workplace. At TikTok, our mission is to inspire creativity and bring joy. To achieve that goal, we are committed to celebrating our diverse voices and to creating an environment that reflects the many communities we reach. We are passionate about this and hope you are too.

TikTok is committed to providing reasonable accommodations during our recruitment process. If you need assistance or accommodation, please reach out to us at USRC@tiktok.com.
Job Information
The base salary range for this position in the selected city is $90000 - $133000 annually.

​

Compensation may vary outside of this range depending on a number of factors, including a candidate’s qualifications, skills, competencies and experience, and location. Base pay is one part of the Total Package that is provided to compensate and recognize employees for their work, and this role may be eligible for additional discretionary bonuses/incentives, and restricted stock units.

​

At ByteDance/TikTok our benefits are designed to convey company culture and values, to create an efficient and inspiring work environment, and to support ByteDancers to give their best in both work and life. We offer the following benefits to eligible employees:

​

We cover 100% premium coverage for employee medical insurance, 80% premium coverage for dependents and offer a Health Savings Account(HSA) with a company match. As well as Dental, Vision, Short/Long term Disability, Basic Life, Voluntary Life and AD&D insurance plans. In addition to Flexible Spending Account(FSA) Options like Health Care, Limited Purpose and Dependent Care.

​

Our time off and leave plans are: 10 paid holidays per year plus 17 days of Paid Personal Time Off(PPTO) (prorated upon hire and increased by tenure) and 10 paid sick days per year as well as 12 weeks of paid Parental leave and 8 weeks of paid Supplemental Disability.

​

We also provide generous benefits like mental and emotional health benefits through our EAP and Lyra. A 401K company match, gym and cellphone service reimbursements. The Company reserves the right to modify or change these benefits programs at any time, with or without notice.

learninglandscape.com is the go-to platform for job seekers looking for the best job postings from around the web. With a focus on quality, the platform guarantees that all job postings are from reliable sources and are up-to-date. It also offers a variety of tools to help users find the perfect job for them, such as searching by location and filtering by industry. Furthermore, learninglandscape.com provides helpful resources like resume tips and career advice to give job seekers an edge in their search. With its commitment to quality and user-friendliness, learninglandscape.com is the ideal place to find your next job.