Responsibilities
The mission of TikTok's Global Security Organization is to build and earn trust by reducing risk and securing our businesses and products. Also known as "GSO", this team is the foundation of our efforts to keep TikTok safe, secure, and operating at scale for over 1 billion people around the world. We work to ensure that the TikTok platform is safe and secure, that our users' experience and their data remains safe from external or internal threats, and that we comply with global regulations wherever TikTok operates.
Trust is one of TikTok's biggest initiatives, and security is integral to our success. In whatever ways users interact with us - whether they're watching videos on their For You page, interacting with a Live video, or buying products on TikTok Shop - GSO protects their data and privacy, so they can have a secure and trustworthy experience.
Want more jobs like this?
Get jobs in New York, NY delivered to your inbox every week.
TikTok is seeking a Senior Analyst for Access Operations to be part of the Product Trust and Access Governance team and will be responsible for overseeing operations and management of data access and data transfer requests to validate compliance with relevant company policy, geographical regulation, contractual commitments, and confidentiality requirements.
As a direct report to the Identity and Access Management lead within the Global Security Organization, you are part of a team that manages the security of TikTok data through access management processes and controls across the entire data lifecycle, from creation to destruction.
Further, you will oversee policies and procedures for managing access based and will ingest organizational policies to create enforcement mechanisms. This will entail understanding requirements, designing controls, and ultimately managing the on-going operation of those controls.
RESPONSIBILITIES
- Build and review technical and functional requirements for in-house or external technologies to support access management and assurance needs
- Design and implement access management and validation programs (people, process, and technology) to mitigate security threats and risks related to access that may impact business data through a holistic global program-oriented approach
- Design and implement the access review process, ensuring that access is reviewed regularly, both for appropriateness of access as well as privilege levels for all users
- Guide the team in developing use cases and integrating access management technologies with related cybersecurity technologies (e.g., security incident and event management, data classification, vulnerability management, identity management, authentication requirements)
- Create reporting and response execution for Access Management processes. This includes ensuring metrics coverage, accuracy, and usability to make key decisions and inform executive strategy. The candidate will also be responsible for drafting and executing processes that require expedited and prioritized response, in scenarios that may require collaboration across multiple teams
- Deliver projects in alignment with established guidelines for data security and data regionalization across global regions. The candidate is also expected to stay up-to-date with evolving data protection and regionalization requirements and guidelines (e.g., GDPR, cross-border transfer requirements). Based on the developments, the candidate will collaborate with stakeholders to ensure process implementations comply with relevant regional regulations and policies. The candidate will implement and enforce mechanisms to proactively monitor, respond and report on inappropriate data access events
- Provide input in cross-functional Legal and Engineering engagements where security operations are required to advance Global Security-IAM owned projects. The candidate will be expected to collaborate with engineers to assess new process requests for adherence to data privacy and security requirements, provide guidance and recommendations to ensure technical solutions align with best practices and regulatory standards. The candidate will also be responsible for interacting with engineering and business teams to define access standards and/or necessary modifications to new or existing access policies or roles in support of data security standards and regulations
Qualifications
MINIMUM QUALIFICATIONS
- Demonstrate ability to quickly assimilate to new knowledge and remain current on new developments in access management tools and capabilities and industry knowledge
- In-depth experience in designing and deploying access management technologies and validation controls in enterprise-class organizations, including the following: Access monitoring & validation, remediation, and escalation, role-based access policies based on principle of least privilege, access permission retrieval and analysis, Configuration of access permissions/roles, provisioning, modifying, and de-provisioning account access
- In-depth knowledge of data privacy regulations and standards, such as GDPR or other global data protection laws
- Strong understanding of: Data security and access controls (e.g. ABAC, RBAC, PBAC, PAM), Data security principles and Global data transfer mechanisms
- Strong critical thinking skills and process-driven mindset to apply to standardise key security and privacy solutions
PREFERRED QUALIFICATIONS
- Bachelors' Degree or industry equivalent work experience
- Minimum 5 years experience working in cybersecurity
- Relevant certifications such as CISA or CISSP
- Understanding of: Access Controls, Data security across multiple geographical regions, Identity and Access Management including writing scripts, configure tools, work with APIs and databases (e.g. MYSQL, Redis)
- Strong communication skills to collaborate with cross-functional teams (both technical and non-technical), influence without authority and persuade priorities, objectives and controls to stakeholders
- Ability to adapt to changing requirements or non-standard situations
Job Information
[For Pay Transparency] Compensation Description (annually)
The base salary range for this position in the selected city is $147200 - $269800 annually.
Compensation may vary outside of this range depending on a number of factors, including a candidate's qualifications, skills, competencies and experience, and location. Base pay is one part of the Total Package that is provided to compensate and recognize employees for their work, and this role may be eligible for additional discretionary bonuses/incentives, and restricted stock units.
Benefits may vary depending on the nature of employment and the country work location. Employees have day one access to medical, dental, and vision insurance, a 401(k) savings plan with company match, paid parental leave, short-term and long-term disability coverage, life insurance, wellbeing benefits, among others. Employees also receive 10 paid holidays per year, 10 paid sick days per year and 17 days of Paid Personal Time (prorated upon hire with increasing accruals by tenure).
The Company reserves the right to modify or change these benefits programs at any time, with or without notice.
For Los Angeles County (unincorporated) Candidates:
Qualified applicants with arrest or conviction records will be considered for employment in accordance with all federal, state, and local laws including the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act. Our company believes that criminal history may have a direct, adverse and negative relationship on the following job duties, potentially resulting in the withdrawal of the conditional offer of employment:
1. Interacting and occasionally having unsupervised contact with internal/external clients and/or colleagues;
2. Appropriately handling and managing confidential information including proprietary and trade secret information and access to information technology systems; and
3. Exercising sound judgment.