Job description
ResponsibilitiesTikTok is the leading destination for short-form mobile video. Our mission is to inspire creativity and bring joy. TikTok has global offices, including Los Angeles, New York, London, Paris, Berlin, Dubai, Mumbai, Singapore, Jakarta, Seoul, and Tokyo.
Why Join Us
At TikTok, our people are humble, intelligent, compassionate and creative. We create to inspire - for you, for us, and for more than 1 billion users on our platform. We lead with curiosity and aim for the highest, never shying away from taking calculated risks and embracing ambiguity as it comes. Here, the opportunities are limitless for those who dare to pursue bold ideas that exist just beyond the boundary of possibility. Join us and make impact happen with a career at TikTok.
Our Global Security function provides services to TikTok's US market using four principles that guide our strategic and tactical operations. First, we champion trust and transparency, leading the charge in organizational transparency and execution of security and privacy capabilities that drive customer trust. Second, we are a business catalyst and enabler, embodying the DNA of technical innovation. Third, we drive risk-informed and empowered decision-making, giving our business leaders the information needed to make key decisions. Finally, we proactively identify and reduce risk while enabling innovative product development – to consistently build sustainable world-class and trusted security capabilities.
As a direct report to the Principal of US Data Defense and Access Assurance within the Business Operations team, you will be a part of the Data Defense team responsible for Enterprise Data Defense and Access Assurance Operations. The Data Defense and Access Assurance team's primary focus is TikTok's data protection operations across servers, endpoints, and cloud. As the Data Defense Senior Engineer, you will be leading a team of cross-functional cyber, privacy, engineering, and data protection analysts to design, develop, implement, and execute tools and processes to enforce data protection controls in accordance with relevant geographical regulations, contractual commitments, and confidentiality requirements.
The candidate must be skilled in conducting technical analysis of data, security, and business problems, as well as threats, incidents, investigations, workforce protection, and other general security-related issues. The candidate must also have the ability to communicate well, motivate and lead cross-functional and individual contributor teams independently, participate in coordinating response and defensive actions over a variety of security disciplines, and disseminate security information as appropriate in support of TikTok's critical business, go to market, and operational infrastructure needs. The candidate will develop, select, and motivate highly effective employees to execute TikTok's business model.
Responsibilities
- Design, develop, and execute scripts to scan for sensitive data, verify data security and protect sensitive data-at-rest, in-motion, and in-transit
- Implement automation of iterative processes end-to-end across tools and platforms into scalable, reusable, and configurable frameworks and methodologies
- Build, manage, and maintain data protection technologies to better identify and protect sensitive data
- Guide the development and selection of data protection technologies to meet architecture and security requirements
- Apply appropriate security measures, controls, and protections in the design and selection of data defense tools and technologies
- Design, implement and operate technical security programs (people, process, and technology) to mitigate security threats and risks that may impact business data through a holistic global program-oriented approach
- Design and implement technical security standards covering data protection standards (such as data disposition and encryption) for systems involved in processing sensitive data
- Gather and understand data protection requirements across the regions TikTok operates in and ensure that technical controls satisfy requirements
- Interact with users to define system requirements and/or necessary modifications to new or existing software in support of data security requirements
- Support interactions and develop relationships with Engineering teams to understand system architecture and technical requirements
- Responsible for designing, measuring, and reporting key performance indicators and metrics as well as dashboard visualizations for regular cadences across multiple audiences
Knowledge and Skills:
- Excellent analytical and problem-solving skills
- Ability to quickly understand and adapt to new technologies with limited guides and resources
- Excellent communication skills (verbal and written), ability to influence without authority and communicate technical concepts to a broad range of technical and non-technical staff
- Works well under pressure within time/budget constraints to solve problems, adjust quickly to shifting priorities, and make decisions with limited information and the ability to balance risks in ambiguous and complex situations
- Demonstrated teamwork and collaboration skills, in particular in leading or contributing to global and cross-functional teams
- Highly motivated to contribute and grow within a complex area of emerging importance
- Strong understanding of:
- Data security tools, processes, and procedures
- Data lifecycle and protection of data throughout
- Configuration and maintenance of data protection tools
- System architecture and technical requirements for deployment of data protection tools
- Security requirements and standards for systems and applications
- Bachelors’ Degree or industry equivalent work experience in cybersecurity, international security architecture, computer science, and/or software engineering in a converged security program
- 5+ years applicable experience
- Expert in script development and automation using one or more programming languages (e.g., Python, Go, Java) and APIs
- Strong understanding of relational and non-relational databases (e.g., Graph, Redis, Mongo, Hive, Hadoop/HDFS, and other Big Data technologies)
- High degree of integrity and trustworthiness and the ability to lead and inspire change
- Demonstrated ability to quickly assimilate to new knowledge and remain current on new developments in cybersecurity capabilities and industry knowledge
- Experience building and growing a team to meet strategic and tactical objectives; mentoring and coaching staff
- In-depth experience in designing and deploying data protection technologies and controls in enterprise-class organizations, including the following:
- Microservices architecture
- Data leakage/content monitoring and filtering
- Cloud access security broker
- Secure messaging/email encryption
- Mobile device security
- Disk, file, device, and database encryption
- Key management/Public Key Infrastructure (PKI)
- Data classification and privacy policies
- Digital Rights Management (DRM)
- Logging, monitoring, and security event management
- Secure information storage
- Database management and administration
- CISSP, SSCP, CAP, CCSP, CISM or applicable experience in the Information Security field
- Familiarity with message queue technologies (e.g., Kafka, RocketMQ)
- Familiarity with source code management tools (e.g., Github, Bitbucket)
- Experience with Data Analytics
- Familiarity with securing data across SaaS and IaaS cloud platforms (e.g., AWS, Google Cloud Platform)
- Be able to handle ambiguity and collaborate with a global team
- Be comfortable communicating with business executives and technical teams
- Be able to motivate junior staff and contractors
TikTok is committed to providing reasonable accommodations during our recruitment process. If you need assistance or accommodation, please reach out to us at USRC@tiktok.com.
Job Information
The base salary range for this position in the selected city is $104960 - $213000 annually.
Compensation may vary outside of this range depending on a number of factors, including a candidate’s qualifications, skills, competencies and experience, and location. Base pay is one part of the Total Package that is provided to compensate and recognize employees for their work, and this role may be eligible for additional discretionary bonuses/incentives, and restricted stock units.
At ByteDance/TikTok our benefits are designed to convey company culture and values, to create an efficient and inspiring work environment, and to support ByteDancers to give their best in both work and life. We offer the following benefits to eligible employees:
We cover 100% premium coverage for employee medical insurance, 80% premium coverage for dependents and offer a Health Savings Account(HSA) with a company match. As well as Dental, Vision, Short/Long term Disability, Basic Life, Voluntary Life and AD&D insurance plans. In addition to Flexible Spending Account(FSA) Options like Health Care, Limited Purpose and Dependent Care.
Our time off and leave plans are: 10 paid holidays per year plus 17 days of Paid Personal Time Off(PPTO) (prorated upon hire and increased by tenure) and 10 paid sick days per year as well as 12 weeks of paid Parental leave and 8 weeks of paid Supplemental Disability.
We also provide generous benefits like mental and emotional health benefits through our EAP and Lyra. A 401K company match, gym and cellphone service reimbursements. The Company reserves the right to modify or change these benefits programs at any time, with or without notice.
jackharris.com is the go-to platform for job seekers looking for the best job postings from around the web. With a focus on quality, the platform guarantees that all job postings are from reliable sources and are up-to-date. It also offers a variety of tools to help users find the perfect job for them, such as searching by location and filtering by industry. Furthermore, jackharris.com provides helpful resources like resume tips and career advice to give job seekers an edge in their search. With its commitment to quality and user-friendliness, jackharris.com is the ideal place to find your next job.