Security Strategy, Risk, and Resilience (SRR) Business Continuity Senior Specialist
Responsibilities
The mission of TikTok's Global Security Organization is to build and earn trust by reducing risk and securing our businesses and products. Also known as "GSO", this team is the foundation of our efforts to keep TikTok safe, secure, and operating at scale for over 1 billion people around the world. We work to ensure that the TikTok platform is safe and secure, that our users' experience and their data remains safe from external or internal threats, and that we comply with global regulations wherever TikTok operates.
Trust is one of TikTok's biggest initiatives, and security is integral to our success. In whatever ways users interact with us - whether they're watching videos on their For You page, interacting with a Live video, or buying products on TikTok Shop - GSO protects their data and privacy, so they can have a secure and trustworthy experience.
The Security Strategy, Risk, and Resilience team is responsible for working closely with cross-functional partners to manage security risks and ensure compliance with industry cybersecurity standards and government regulations. This includes developing governing policies, implementing the security control framework, conducting security risk and control assessments, overseeing third-party security management, driving business continuity management, and staying up to date on global compliance initiatives.
The Business Continuity Senior Specialist supports the development, implementation, and continuous improvement of the Global Security Organization's cyber-resilience strategy by advancing cybersecurity resilience, protecting critical business units, assets, and systems, and maintaining and testing continuity and disaster recovery plans.
As Security Strategy, Risk, and Resilience (SRR) Business Continuity Senior Specialist, you will be responsible for:
- Program Support and Execution: Contribute to the advancement of the global Business Continuity Management framework, ensuring alignment with company objectives, industry standards (e.g., ISO 22301), and regulatory requirements.
- Risk, Impact & Dependency Analysis: Perform end-to-end Business Impact Analyses (BIAs) and Technology Impact Analyses (TIAs) using dependency mapping, system data flows, and application criticality ratings. Leverage tooling to identify recovery time objectives (RTOs) and recovery point objectives (RPOs) across business-critical platforms.
- Continuity & Recovery Engineering: Collaborate with infrastructure, SRE, and application owners to design, document, and implement disaster recovery (DR) architectures (e.g., replication, failover, clustering, cloud backup). Validate technical feasibility of recovery strategies through configuration reviews and system testing.
- Testing & Simulation: Lead and execute technical resilience exercises including failover simulations, load/stress testing, and cyber-attack tabletop scenarios.
- Disaster Recovery Lifecycle Management: Own the continuous improvement of Disaster Recovery plans by validating system build documentation, patch levels, and backup/restore integrity.
Qualifications
Minimum Qualification(s):
- Deep knowledge of continuity methodologies and standards (e.g., ISO 22301, NIST SP 800-34, FFIEC), with hands-on experience conducting BIAs, TIAs, and dependency mapping to define RTOs/RPOs and validate technical recovery strategies.
- Proven ability to translate technical risk into business impact, aligning continuity strategies with cybersecurity controls, regulatory requirements, and enterprise operational priorities
Want more jobs like this?
Get jobs in Washington, DC delivered to your inbox every week.
- Ability to work from the Washington, DC office at least 3 days per week, with domestic and international travel as needed to support program initiatives
Preferred Qualification(s):
- 5 years in business continuity, disaster recovery, operational risk, or cyber resilience, with a demonstrated track record of leading technical continuity and recovery initiatives across complex, global environments
- Experience supporting enterprise-scale business continuity or resilience programs in complex or rapidly evolving environments.
- Familiarity with regulatory or industry frameworks (e.g., ISO 22301, NIST, DORA, FFIEC) relevant to business continuity and resilience planning.
- Hands-on experience with business continuity planning tools, platforms, or methodologies.
- Relevant industry certifications (e.g., CBCP, ISO 22301 Lead Implementer, CRISC, CISM, PMP, or other resilience/cybersecurity certifications).
- A bachelor's degree in a relevant field (e.g., Cybersecurity, Computer Science, Information Systems) or equivalent practical experience
Perks and Benefits
Health and Wellness
- Health Insurance
- Dental Insurance
- Vision Insurance
- HSA
- Life Insurance
- Fitness Subsidies
- Short-Term Disability
- Long-Term Disability
- On-Site Gym
- Mental Health Benefits
- Virtual Fitness Classes
Parental Benefits
- Fertility Benefits
- Adoption Assistance Program
- Family Support Resources
Work Flexibility
- Flexible Work Hours
- Hybrid Work Opportunities
Office Life and Perks
- Casual Dress
- Snacks
- Pet-friendly Office
- Happy Hours
- Some Meals Provided
- Company Outings
- On-Site Cafeteria
- Holiday Events
Vacation and Time Off
- Paid Vacation
- Paid Holidays
- Personal/Sick Days
- Leave of Absence
Financial and Retirement
- 401(K) With Company Matching
- Performance Bonus
- Company Equity
Professional Development
- Promote From Within
- Access to Online Courses
- Leadership Training Program
- Associate or Rotational Training Program
- Mentor Program
Diversity and Inclusion
- Diversity, Equity, and Inclusion Program
- Employee Resource Groups (ERG)
Company Videos
Hear directly from employees about what it is like to work at TikTok.