Privacy and Data Compliance Specialist - USDS

About TikTok . Data SecurityTikTok is the leading destination for short-form mobile video. Our mission is to inspire creativity and bring joy.

Data Security ( USDS ) is a subsidiary of TikTok in the . This new, security-first division was created to bring heightened focus and governance to our data protection policies and content assurance protocols to keep .

users safe. Our focus is on providing oversight and protection of the TikTok platform and . user data, so millions of Americans can continue turning to TikTok to learn something new, earn a living, express themselves creatively, or be entertained.

The teams within USDS that deliver on this commitment daily span across Trust & Safety, Security & Privacy, Engineering, User & Product Ops, Corporate Functions and more.

Why Join UsCreation is the core of TikTok's purpose. Our platform is built to help imaginations thrive. This is doubly true of the teams that make TikTok possible.

Together, we inspire creativity and bring joy - a mission we all believe in and aim towards achieving every day. To us, every challenge, no matter how difficult, is an opportunity;

to learn, to innovate, and to grow as one team. Status quo? Never. Courage? Always. At TikTok, we create together and grow together.

That's how we drive impact - for ourselves, our company, and the communities we serve. Join us. In order to enhance collaboration and cross-functional partnerships, among other things, at this time, our organization follows a hybrid work schedule that requires employees to work in the office 3 days a week, or as directed by their manager / department.

We regularly review our hybrid work model, and the specific requirements may change at any time. About the TeamThe USDS Privacy and Integrated Security team is responsible for overseeing and governing all activities of privacy impacts to TikTok USDS' operations.

• We address complex and cutting-edge challenges, aiming to build the world's most trusted social media platform. - We partner with TikTok global legal, R&D, Privacy and Data Protection Office (PDPO), and security organizations in advancing our privacy practices.
• We oversee, govern and support the integration and optimization of operational privacy capabilities including data inventory, data classification, data retention / deletion, and incident response, etc.

to ensure scalable, and compliant privacy and data protection practices. We seek a highly motivated, experienced, and dynamic professional to join our team.

This is an opportunity to work on the most innovative platform in the industry, strengthening security and privacy, in our mission to Inspire Creativity and Enrich Lives.

As a direct report to the Head of Privacy and Integrated Security Department, the privacy compliance specialist will be at the forefront of ensuring adherence to privacy regulations and building trust in the TikTok US platform.

This role is pivotal in advancing our privacy practices at USDS, through aligning USDS privacy requirements with the global privacy compliance framework (PCF), working closely with global legal, R&D, Privacy and Data Protection Offices (PDPO) as well as USDS privacy operation teams.

The ideal candidate will have a strong background in privacy compliance assessment, a deep understanding of privacy control mechanisms at the technical layers, and a passion for privacy considerations from an end-user perspective.

Key Responsibilities : - Collaborate with global PDPO to ensure alignment with the global privacy compliance framework (PCF).

Promote the global framework within USDS operating arms. Identify USDS policies, processes and SOPs and develop formalized privacy compliance practices at USDS.

• Conduct privacy control reviews and assessments for a wide range of TikTok products and the US operation platform. Identify and document GAPs in terms of product privacy and operational privacy controls.
• Build strong relationships with global and US stakeholders. Build rapport with R&D / PDPO and US privacy operations. Champion privacy best practices of global impacts and integrate them into USDS operations.
• Support privacy risk assessments with a focus on control implementation. Provide actionable recommendations to mitigate identified risks and enhance privacy compliance.
• Demonstrate empathy towards business and engineering cost considerations while advocating for robust privacy practices.
• Stay informed about the latest privacy trends and best practices within the social media industry.- Engage in special projects and additional responsibilities may be needed as the team expands and capabilities are enhanced.

Minimum Qualifications- Major in information security, computer science, law or a related field. Candidates with significant relevant experience in security, privacy and data protection fields will also be considered in lieu of a formal degree.

• 3-5+ years of compliance experience. Excellent fundamental knowledge of industry standards frameworks (NIST Privacy Framework, ISO 27001, ISO / IEC 27701, NIST RMF, ISO 31000, IAPP guidelines, - Understand the laws and regulations of important countries, such as GDPR, CCPA, COPPA, etc.
• Familiar with PIA / DPIA methods, and able to propose practical and feasible privacy design solutions based on the results of privacy risk assessment, combined with the company's actual business characteristics and technical architecture;
• Those who have presided over GDPR / CCPA external compliance reviews, SOC2, ISO27001, ISO27701 system construction, data governance system construction, etc.

are preferred; - Familiar with common technical features of mobile / web / server / data platforms of Internet platforms.

preference will be given to candidates who are familiar with data governance and data security technology solutions Preferred Qualifications- Certifications such as CIPT, CIPM, CIPP, CISSP, CRISC, etc. are preferred D&I Statement