Privacy Analyst - USDS

Responsibilities
We are seeking a Privacy Analyst with a background in privacy, security, compliance, or a related field, who is eager to grow a dedicated career in privacy. This role will focus on capturing, documenting, and evaluating privacy measures and operations to identify gaps, inefficiencies, or areas that need alignment and improvement, such as in how privacy capabilities are implemented to support operations and whether there are any privacy activities that fall outside compliance oversight. The Privacy Analyst will collaborate with cross-functional teams to ensure that privacy practices are applied consistently and effectively across all operational arms at USDS.

Initially reporting to the Head of Privacy and Integrated Security, the reporting structure may evolve as the capability grows.

Key Responsibilities:
- Conduct privacy compliance assessment. Analyze and identify operational gaps between the global privacy framework and USDS execution, with a focus on how privacy solutions are being utilized to achieve privacy objectives. Drive and support efforts to ensure that privacy safeguards are effective and aligned with TikTok standards.
- Conduct Privacy Process Mapping: Map out and document existing privacy processes, workflows, and procedures across USDS operational arms. Identify areas where privacy processes are not captured/documented or inefficient/ineffective, and recommend actionable improvements.
- Cross-Functional Collaboration: Build strong relationships with global and USDS teams. Work closely with them to ensure operational practices align with TikTok privacy framework and the effective implementation of privacy capabilities. Build rapport with R&D/PDPO and US privacy operations. Champion privacy best practices of global impacts and integrate them into USDS operations.
- Collaborate with the risk management team to conduct compliance risk analyses that inform risk profiling and support risk reduction efforts. Provide actionable recommendations to mitigate identified risks and enhance privacy posture.
- Policy and SOP Development: Assist in drafting and implementing guidelines and Standard Operating Procedures (SOPs) that translate privacy policies into actionable practices. For example, contribute to developing specs for data retention and records management that are both practical for business operations and aligned with technical capabilities.
- Metrics and Reporting: Establish metrics and KPIs to track the effectiveness and efficiency of privacy safeguards and processes. Regularly report on process performance and compliance status.
- Continuous Improvement: Drive and support continuous improvement initiatives to optimize privacy operations, increase efficiency, and ensure compliance.
- Engage in special projects and additional responsibilities may be needed as the team expands and capabilities are enhanced.

Qualifications

Minimum Qualifications
- Bachelor's degree in Computer Science, Information Security, or a related field. Candidates with relevant experience in security, privacy and process engineering fields will also be considered in lieu of a formal degree.
- 2+ years of experience in privacy compliance or privacy risk analysis.
- Good understanding of privacy frameworks and how privacy operations are relevant to meeting privacy compliance regulations (e.g., GDPR, CCPA, COPPA)
- Excellent analytical and problem solving skills, with the ability to assess processes and recommend practical improvements.
- Strong communication skills and the ability to work across teams to ensure process alignment and compliance.
- Must be adaptable and able to navigate through ambiguity and vagueness within a large complex organization.

Preferred Qualifications
- Privacy/Security engineering or operation background, practical experience involving operationalizing privacy and security solutions to identified issues.
- Experience working with globally distributed teams
- Experience on social media platform