Privacy Engineer (RED team) - PDPO (Singapore)
Responsibilities
About the team
PDPO(Privacy and Data Protection Office) is the organization to lead, supervise, and empower all TikTok's privacy work in an accountable and industry leading way. This team is the expert in the landscape of privacy risks and passionate about consulting across the company on implementing the proper safeguards and technical mitigations to ensure that our users' privacy is honored across the TikTok's products and platforms.
What you'll do:
- Conduct in-depth technical assessments focused on finding privacy issues in internal and external facing systems, products, and services.
- Collaborate closely with engineering and product teams to integrate privacy-preserving security measures throughout the software development lifecycle (SDLC).
- Research and analyze emerging threats in privacy, proactively identifying mitigation strategies and testing methodologies to protect user data.
Want more jobs like this?
Get Software Engineering jobs in Singapore delivered to your inbox every week.
- Automate privacy-focused assessments through tooling, scripts, and frameworks to enhance scalability and efficiency.
- Support the development of practices, processes, mechanisms, and the documentation for these activities, both internally and with working groups.
Knowledge, Skills & Abilities:
- Strong Computer Science, Security engineering and Privacy engineering fundamentals
- Deep understanding of privacy engineering concepts (such as data minimization, anonymization, secure data processing)
- Strong foundation in penetration testing / red teaming
- Strong foundation in manual secure code review, with the ability to identify privacy vulnerabilities, security flaws, and data leakage risks in applications and services.
- Able to collaborate, prioritize duties, and work well on your own
- Excellent interpersonal and communication skills, with the ability to work cross-functionally with engineering, legal, and compliance teams.
Qualifications
Minimum Qualifications:
- 3+ years work experience in web security or data security
- Experience in Penetration Testing or Red Team exercises
- Strong ability to analyze complex systems for privacy risks and provide actionable privacy recommendations.
- Ability to understand and apply privacy foundational concepts
Preferred Qualifications:
- Experience making contributions to the security or privacy community, such as public research, blogging, presentations, bug bounties, CVEs, etc.
- Experience with common testing frameworks, such as the MITRE ATT&CK framework
- 2+ years work experience with scripting language including code maintenance and review
- Experience implementing or assessing the implementation of GDPR, CCPA, or equivalent privacy regulation
- Experience with tools used to perform Dynamic Application Security Testing (DAST) or Static Application Security Testing (SAST)
#LI-DC4
Perks and Benefits
Health and Wellness
- Health Insurance
- Dental Insurance
- Vision Insurance
- HSA
- Life Insurance
- Fitness Subsidies
- Short-Term Disability
- Long-Term Disability
- On-Site Gym
- Mental Health Benefits
- Virtual Fitness Classes
Parental Benefits
- Fertility Benefits
- Adoption Assistance Program
- Family Support Resources
Work Flexibility
- Flexible Work Hours
- Hybrid Work Opportunities
Office Life and Perks
- Casual Dress
- Snacks
- Pet-friendly Office
- Happy Hours
- Some Meals Provided
- Company Outings
- On-Site Cafeteria
- Holiday Events
Vacation and Time Off
- Paid Vacation
- Paid Holidays
- Personal/Sick Days
- Leave of Absence
Financial and Retirement
- 401(K) With Company Matching
- Performance Bonus
- Company Equity
Professional Development
- Promote From Within
- Access to Online Courses
- Leadership Training Program
- Associate or Rotational Training Program
- Mentor Program
Diversity and Inclusion
- Diversity, Equity, and Inclusion Program
- Employee Resource Groups (ERG)
Company Videos
Hear directly from employees about what it is like to work at TikTok.