TikTok is the leading destination for short-form mobile video. At TikTok, our mission is to inspire creativity and bring joy.
TikTok's global headquarters are in Los Angeles and Singapore, and its offices include New York, London, Dublin, Paris, Berlin, Dubai, Jakarta, Seoul, and Tokyo.
Why Join UsCreation is the core of TikTok's purpose. Our platform is built to help imaginations thrive. This is doubly true of the teams that make TikTok possible.
Together, we inspire creativity and bring joy - a mission we all believe in and aim towards achieving every day. To us, every challenge, no matter how difficult, is an opportunity;
to learn, to innovate, and to grow as one team. Status quo? Never. Courage? Always. At TikTok, we create together and grow together.
That's how we drive impact - for ourselves, our company, and the communities we serve. Join us. The Global Security Organization provides industry-leading cyber-security and business protection services to TikTok globally.
Our organization employs four principles that guide our strategic and tactical operations. Firstly, we Champion Transparency & Trust by leading the charge in organizational transparency, prioritizing customer trust, and placing user needs first.
Secondly, we aim to maintain Best in Class Global Security by proactively identifying and reducing risks while enabling innovative product development.
We constantly work towards a sustainable world-class security capability. Thirdly, we strive to be a Business Catalyst & Enabler by embodying the DNA of technical innovation and ensuring our Global Security operations are fast and agile.
Finally, we Drive Empowered & Risk-Informed Decision Making by providing our leaders with the necessary information to make agile decisions based on risk.
In order to enhance collaboration and cross-functional partnerships, our organization follows a hybrid work schedule that requires employees to work in the office for 3 days a week, as directed by their manager.
We regularly review our hybrid work model, and the specific requirements may change at any time. As a direct report to the Access Assurance Operations Lead within Data Protection, you will be a part of the team responsible for Data Defense and Access Assurance (DDAA).
As an Access Assurance Senior Operations Analyst, you will be responsible for supporting the Access Assurance Operations Lead along with a team of cross-functional cyber, privacy, engineering, and data protection analysts to define, implement, manage, and measure controls to protect data in accordance with relevant geographical regulations, contractual commitments, and confidentiality requirements.
Responsibilities- Design global access management program that addresses data residency and fine-grained, role-based access requirements and controls as necessitated by business need and regulations- Build and review technical and functional requirements for in-house or external technologies to support access management and assurance needs, including applying appropriate security measures- Design and implement the access review process, ensuring that access is reviewed regularly both for appropriateness of access as well as privilege levels for all users- Implement and enforce mechanisms to proactively monitor, respond and report on inappropriate data access events- Interact with users to define access standards and / or necessary modifications to new or existing access policies or roles in support of data security standards- Develop and maintain data residency and data access requirements and controls as necessitated by business needs and regulations- Develop use cases and integrate access management technologies with related cybersecurity technologies (.
security incident and event management, data classification, vulnerability management)- Support interactions with Risk and Compliance to understand control requirements and provide information to support findings for non-compliance with internal security policies- Responsible for designing and reporting key metrics and visualizations for weekly, monthly and bimonthly cadences across multiple audiences
Minimum Qualifications : - Demonstrate ability to quickly assimilate to new knowledge and remain current on new developments in cybersecurity capabilities and industry knowledge- Experience building and growing a team to meet strategic and tactical objectives;
mentoring and coaching staff- In-depth experience in designing and deploying access management technologies and controls in enterprise-class organizations, including the following : - Access management on Windows and Linux operating systems - Access management on multiple database types (.
MySQL, Hive, Redis) - Securing access to data across multiple geographical locations - Applications built on a microservices architecture - Role and policy based access controls to enforce the principle of least privilege - Provisioning, modifying, and de-provisioning account access - Ability to write scripts, configure tools, work with APIs and databases Preferred Qualifications : - Bachelors’ Degree or industry equivalent work experience- Minimum of 3 years applicable experience