Senior Data Loss Prevention Engineer - USDS

About the Role
As a Senior Data Loss Prevention (DLP) Engineer, you will play a critical role in delivering TikTok's DLP program objectives by implementing, managing, and optimizing TikTok's DLP technology stack. Reporting directly to the lead of US Data Identity and Access Management, you will collaborate across cybersecurity, privacy, engineering, and data protection teams to safeguard sensitive data in compliance with geographical regulations, contractual commitments, and confidentiality requirements.

This role requires expertise in enterprise DLP technology deployments, a deep understanding of DLP strategies and capabilities, and the ability to respond swiftly and accurately to DLP alerts. You will also act as a key communicator, translating technical insights into actionable business value for stakeholders.

Responsibilities:
- Assist in supporting Data Loss Prevention (DLP) technology solutions to protect TikTok data across servers, endpoints, and cloud environments
- Create and maintain technical architecture diagrams to support DLP landscape
- Scripting and data analysis for alerting fidelity and use case development
- Configure and deploy infrastructure as needed to meet DLP program goals
- Interface with Operations and Engineering colleagues to ensure proper maintenance of DLP infrastructure (baseline hardening, system patching, back-ups, etc.)
- Design and configure DLP endpoint agent software packages
- Establish relationships with key stakeholders across multiple business units to develop, deploy, and operate effective DLP solutions
- Assist in the integration of DLP technology with SIEM, UBA, Insider Risk tools, or other relevant technologies
- Investigate and improve detection technologies focused on theft or loss of consumer data, employee data, business sensitive data, and/or intellectual property
- Support any DLP-related audit or controls testing processes

Qualifications

Minimum Qualifications:
- Bachelor's degree or equivalent industry experience in cybersecurity, security architecture, or engineering.
- 5+ years of experience in Information Security, including Security Operations, Data Loss Prevention, or Insider Risk.
- Proven experience deploying, configuring, and maintaining enterprise DLP systems and expertise in data protection technologies such as DLP (Endpoint, Network, and Email), User Behavior Analytics (UBA), and Cloud Access Security Brokers (CASB).
- Experience with automation processes, scripting and API integrations.
- Strong ability to communicate the business value of DLP programs to executive stakeholders.
- Demonstrated ability to work collaboratively within cross-functional teams to align security goals.
- Ability to stay current with emerging cybersecurity technologies and industry trends.

Preferred Qualifications
- Industry certifications such as CISSP, CCSP, AWS Certification, GIAC Security Operations Certified (GSOC), GSEC, or Security+.
- Familiarity with source code management tools (e.g., GitHub, Bitbucket).
- Experience with endpoint configuration tools and Managed Device platforms (e.g., Jamf, Workspace ONE).
- Knowledge of securing data across SaaS and IaaS cloud platforms (e.g., AWS, Google Cloud Platform).
- Familiarity with database technologies such as Graph databases, Kafka queues, Redis, MongoDB, and other non-relational databases.

Job Information

[For Pay Transparency] Compensation Description (annually)

The base salary range for this position in the selected city is $118000 - $196000 annually.

Compensation may vary outside of this range depending on a number of factors, including a candidate's qualifications, skills, competencies and experience, and location. Base pay is one part of the Total Package that is provided to compensate and recognize employees for their work, and this role may be eligible for additional discretionary bonuses/incentives, and restricted stock units.

Benefits may vary depending on the nature of employment and the country work location. Employees have day one access to medical, dental, and vision insurance, a 401(k) savings plan with company match, paid parental leave, short-term and long-term disability coverage, life insurance, wellbeing benefits, among others. Employees also receive 10 paid holidays per year, 10 paid sick days per year and 17 days of Paid Personal Time (prorated upon hire with increasing accruals by tenure).

The Company reserves the right to modify or change these benefits programs at any time, with or without notice.

For Los Angeles County (unincorporated) Candidates:

Qualified applicants with arrest or conviction records will be considered for employment in accordance with all federal, state, and local laws including the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act. Our company believes that criminal history may have a direct, adverse and negative relationship on the following job duties, potentially resulting in the withdrawal of the conditional offer of employment:

1. Interacting and occasionally having unsupervised contact with internal/external clients and/or colleagues;

2. Appropriately handling and managing confidential information including proprietary and trade secret information and access to information technology systems; and

3. Exercising sound judgment.