Responsibilities
Team introduction:
TikTok is seeking a highly adaptable and motivated Senior Analyst to bolster our data sovereignty controls testing program. As a key member of our Data Protection Solutions team, you will play a crucial role in ensuring the privacy and security of our regional data by executing on data sovereignty testing strategy and contributing to the improvement of technical controls across prioritized technology solutions.
You will collaborate closely with various teams, including Legal, Global Security, and Security Engineering, to help ensure continued compliance with data privacy regulations and the implementation of robust security measures, in all stages of solution development. This role reports to the Data Sovereignty Solutions Lead within PnS's Data Protection Solutions team.
Want more jobs like this?
Get jobs in Singapore delivered to your inbox every week.
Responsibilities:
- Stay up-to-date with evolving data sovereignty and regionalization requirements (e.g., GDPR, cross-border transfer requirements) and translate these requirements into discrete testing procedures, specific to applicable regions and controls
- Collaborate with engineers and product owners to assess systems in the design stage, providing a testing framework for short and long-term testing of applicable data sovereignty and regionalization controls, bespoke to their technologies
- After implementation, continue with ongoing testing of applicable data sovereignty and regionalization controls as products and systems expand or mature
- Where possible, develop automated testing mechanisms to reduce manual effort and increase program maturity in a sustainable manner
Qualifications
Minimum Qualifications:
- In-depth knowledge of data privacy regulations and standards, such as GDPR, CCPA, or other global data protection laws
- Strong understanding of:
- Cross-border data transfers
- Data security and data privacy concepts
- Penetration testing or red team exercises
- Data encryption, tokenization, masking, and redaction
- Strong critical thinking and technical analysis skills to apply to documentation review or testing design
- Demonstrate ability to quickly assimilate to new knowledge and remain current on new developments in data sovereignty, data regionalization and data privacy
Preferred Qualifications:
- Bachelors' Degree or industry equivalent work experience
- Minimum 5 years experience working in cybersecurity, security engineering, or privacy engineering
- Relevant certifications:
- CIPP/E
- CISSP
- Understanding of:
- Cloud security and architecture
- Privacy enhancing technologies
- System design and application development practices
- Common testing frameworks, such as the MITRE ATT&CK framework
- Strong communication skills to collaborate with cross-functional teams (both technical and non-technical), influence without authority, and persuade priorities, objectives, and controls to stakeholders
- Demonstrated ability to work effectively in environments of ambiguity and constant change.