Privacy Solutions Analyst - Privacy and Data Protection Office, Singapore

You will help analyze systemic privacy/security vulnerabilities, engage directly with product engineers to recommend remediation paths, and relentlessly drive resolution. You will also support detection and prevention efforts by enabling architectural changes and long-term mitigation strategies-ensuring that privacy and security issues are addressed before they reach production.

Key Responsibilities
- Partner with technical and non-technical stakeholders to validate findings, analyze root causes, and describe vulnerabilities clearly to product teams, engineers, executives, legal, and other internal stakeholders on privacy matters.
- Work directly with engineering teams to recommend, design, and implement optimal fixes or mitigation plans- ranging from code-level changes to architectural redesigns.
- Conduct thematic and systemic analysis to identify patterns of repeated vulnerabilities and propose preventive safeguards.
- Lead technical remediation initiatives to closure by organizing priorities, tracking progress, and escalating blockers as needed.
- Collaborate with first line of defense teams to prevent regressions through test coverage, guardrails, or SDLC process improvements
- Participate in post-incident reviews, produce root cause analyses, and advocate for strategic fixes beyond tactical patching
- Develop and maintain dashboards, SLAs, and workflows for tracking remediation of high-risk findings

Qualifications

Minimum Qualifications:
- 5+ years of experience in privacy engineering, application security, or cloud/software architecture roles
- Strong familiarity with microservices environments, RESTful APIs, containerized infrastructure, and CI/CD pipelines
- Solid knowledge of common privacy/security vulnerabilities, such as:
- Insecure Direct Object Reference (IDOR)
- Missing/broken authorization logic
- Misconfigured API endpoints
- Overreliance on client-side controls
- Ability to translate technical findings into prioritized, actionable tasks and influence teams to remediate within timelines
- Demonstrated ability to drive cross-functional collaboration and remediation across privacy, product, and infrastructure teams

Preferred Qualifications:
- Experience in vulnerability management, incident response, or threat modeling
- Familiarity with privacy-by-design principles and global privacy regulations (e.g., GDPR, CCPA)
- Experience creating automated detection or monitoring mechanisms for privacy/security violations
- Relevant certifications (e.g., CISSP, OSCP, CSSLP, GCP/AWS cloud certifications)

Client-provided location(s): Singapore

Job ID: TikTok-7422951498852108594

Employment Type: OTHER

Posted: 2025-04-10T04:36:21