Senior Business Analyst, Identity & Access Management - Global Security Organization

Responsibilities

The mission of TikTok's Global Security Organization is to build and earn trust by reducing risk and securing our businesses and products. Also known as "GSO", this team is the foundation of our efforts to keep TikTok safe, secure, and operating at scale for over 1 billion people around the world. We work to ensure that the TikTok platform is safe and secure, that our users' experience and their data remains safe from external or internal threats, and that we comply with global regulations wherever TikTok operates.

Trust is one of TikTok's biggest initiatives, and security is integral to our success. In whatever ways users interact with us - whether they're watching videos on their For You page, interacting with a Live video, or buying products on TikTok Shop - GSO protects their data and privacy, so they can have a secure and trustworthy experience.

The GSO provides industry-leading security and privacy services to Bytedance, guided by four principles: trust and transparency, business enablement, risk-informed decision-making, and proactive risk reduction. We strive to build sustainable, world-class security capabilities.

TikTok is seeking a Senior Business Analyst with strong expertise in Identity Governance & Administration (IGA) to support the execution and enhancement of enterprise-wide access certification processes. This role will lead the analysis, planning, and delivery of access reviews and governance initiatives, ensuring alignment with security, compliance, and operational goals.
You will serve as a key bridge between business stakeholders, IAM engineering teams, and legal & compliance functions.

Responsibilities
- Lead the analysis, design, and execution of access certification and periodic review campaigns.
- Collaborate with business, IT, and compliance stakeholders to gather and document requirements.
- Define business processes, functional specifications, and user stories related to access governance.
- Support implementation of access certification capabilities in home-grown IGA tools.
- Drive campaign scoping, schedule, reviewer role assignment, execution, and remediation workflows.
- Analyze certification outcomes and identify areas for improvement in user experience.
- Support User Acceptance Testing (UAT) and defect triage.
- Ensure alignment with regulatory requirements (e.g., NIS2, GDPR, ISO 27001).
- Develop user guides, training materials, and change management documentation.
- Provide regular updates and reporting to stakeholders and leadership.

Qualifications

Minimum Qualifications
- Strong knowledge of IAM principles such as least privilege, policy based access control (PBAC) and Segregation of Duties (SoD).
- Hands-on experience in IGA products with a focus on access certification.
- Experience working with homegrown IAM tools, collaborating with development teams on requirements, design, enhancements and product strategy & roadmap.
- Proven ability to manage enterprise wide end-to-end access review campaigns.
- Excellent communication, documentation, and stakeholder management skills.
- Ability to translate technical concepts into business-friendly language.

Preferred Qualifications
- Bachelor's degree or equivalent industry experience.
- 5+ years in cybersecurity with a focus on Identity Governance & Administration (IGA).
- Familiarity with compliance standards (e.g., NIST, NIS2, GDPR).
- Experience working on leading IGA products like Saviynt or SailPoint is a plus.
- Self-starter able to work independently with minimal supervision.

Job Information

[For Pay Transparency] Compensation Description (annually)

The base salary range for this position in the selected city is $118800 - $196000 annually.

Compensation may vary outside of this range depending on a number of factors, including a candidate's qualifications, skills, competencies and experience, and location. Base pay is one part of the Total Package that is provided to compensate and recognize employees for their work, and this role may be eligible for additional discretionary bonuses/incentives, and restricted stock units.