Security Specialist, Endpoint and Email Controls Validation
New York, New York, United States
About TikTok
TikTok is the leading destination for short-form mobile video. At TikTok, our mission is to inspire creativity and bring joy. TikTok's global headquarters are in Los Angeles and Singapore, and its offices include New York, London, Dublin, Paris, Berlin, Dubai, Jakarta, Seoul, and Tokyo.
Why Join Us
Creation is the core of TikTok's purpose. Our products are built to help imaginations thrive. This is doubly true of the teams that make our innovations possible. Together, we inspire creativity and enrich life - a mission we aim towards achieving every day. To us, every challenge, no matter how ambiguous, is an opportunity; to learn, to innovate, and to grow as one team. Status quo? Never. Courage? Always. At TikTok, we create together and grow together. That's how we drive impact-for ourselves, our company, and the users we serve. Join us.
The Global Security Organization provides industry-leading cyber-security and business protection services to TikTok globally. Our organization employs four principles that guide our strategic and tactical operations. Firstly, we Champion Transparency & Trust by leading the charge in organizational transparency, prioritizing customer trust, and placing user needs first. Secondly, we aim to maintain Best in Class Global Security by proactively identifying and reducing risks while enabling innovative product development. We constantly work towards a sustainable world-class security capability. Thirdly, we strive to be a Business Catalyst & Enabler by embodying the DNA of technical innovation and ensuring our Global Security operations are fast and agile. Finally, we Drive Empowered & Risk-Informed Decision Making by providing our leaders with the necessary information to make agile decisions based on risk. In order to enhance collaboration and cross-functional partnerships, our organization follows a hybrid work schedule that requires employees to work in the office 3 days a week, as directed by their manager. We regularly review our hybrid work model, and the specific requirements may change at any time.
The Control and Validation team's responsibilities include designing and implementing IT security solutions that address the organization's needs, assessing risks and vulnerabilities, and developing strategies to mitigate them, validation of security technical controls. This role will be responsible for defining enterprise security technical controls and then building technical validations within the TikTok environments to ensure compliance. By implementing the validation of these enterprise security controls, this role will work with GSO GRC and cross functional teams to build a measurable and repeatable process in order to continuously uplift the security posture of our environment.
Responsibilities
- Define measurable technical security controls for the enterprise security environment based on common global frameworks. The enterprise security environment includes employee laptops, email technologies, and common office building computing resources such as conference room tech, servers, and IoT devices.
- Design and implement technical validations to technical security controls in the enterprise security environment using existing infrastructure and utilities, or supplementing with additional technologies as required.
- Work with cross functional teams to identify control gaps and assist those teams with plans for remediation.
TikTok is the leading destination for short-form mobile video. At TikTok, our mission is to inspire creativity and bring joy. TikTok's global headquarters are in Los Angeles and Singapore, and its offices include New York, London, Dublin, Paris, Berlin, Dubai, Jakarta, Seoul, and Tokyo.
Why Join Us
Creation is the core of TikTok's purpose. Our products are built to help imaginations thrive. This is doubly true of the teams that make our innovations possible. Together, we inspire creativity and enrich life - a mission we aim towards achieving every day. To us, every challenge, no matter how ambiguous, is an opportunity; to learn, to innovate, and to grow as one team. Status quo? Never. Courage? Always. At TikTok, we create together and grow together. That's how we drive impact-for ourselves, our company, and the users we serve. Join us.
The Global Security Organization provides industry-leading cyber-security and business protection services to TikTok globally. Our organization employs four principles that guide our strategic and tactical operations. Firstly, we Champion Transparency & Trust by leading the charge in organizational transparency, prioritizing customer trust, and placing user needs first. Secondly, we aim to maintain Best in Class Global Security by proactively identifying and reducing risks while enabling innovative product development. We constantly work towards a sustainable world-class security capability. Thirdly, we strive to be a Business Catalyst & Enabler by embodying the DNA of technical innovation and ensuring our Global Security operations are fast and agile. Finally, we Drive Empowered & Risk-Informed Decision Making by providing our leaders with the necessary information to make agile decisions based on risk. In order to enhance collaboration and cross-functional partnerships, our organization follows a hybrid work schedule that requires employees to work in the office 3 days a week, as directed by their manager. We regularly review our hybrid work model, and the specific requirements may change at any time.
The Control and Validation team's responsibilities include designing and implementing IT security solutions that address the organization's needs, assessing risks and vulnerabilities, and developing strategies to mitigate them, validation of security technical controls. This role will be responsible for defining enterprise security technical controls and then building technical validations within the TikTok environments to ensure compliance. By implementing the validation of these enterprise security controls, this role will work with GSO GRC and cross functional teams to build a measurable and repeatable process in order to continuously uplift the security posture of our environment.
Responsibilities
- Define measurable technical security controls for the enterprise security environment based on common global frameworks. The enterprise security environment includes employee laptops, email technologies, and common office building computing resources such as conference room tech, servers, and IoT devices.
- Design and implement technical validations to technical security controls in the enterprise security environment using existing infrastructure and utilities, or supplementing with additional technologies as required.
- Work with cross functional teams to identify control gaps and assist those teams with plans for remediation.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Job stats:
0
0
0
Tags: Agile Compliance IoT Vulnerabilities
Perks/benefits: Transparency
Region:
North America
Country:
United States
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.
Information Systems Security Officer jobsSenior Cloud Security Engineer jobsInformation System Security Officer jobsInformation Security Specialist jobsSenior Cybersecurity Engineer jobsInformation Security Manager jobsSenior Network Security Engineer jobsSecurity Consultant jobsCyber Security Specialist jobsIT Security Engineer jobsSenior Information Security Analyst jobsSecurity Specialist jobsSenior Cyber Security Engineer jobsSenior Penetration Tester jobsSystems Engineer jobsChief Information Security Officer jobsSystems Administrator jobsStaff Security Engineer jobsInformation System Security Officer (ISSO) jobsIT Security Analyst jobsSenior Product Security Engineer jobsThreat Intelligence Analyst jobsPrincipal Security Engineer jobsInformation Systems Security Engineer jobsCloud Security Architect jobs
Kubernetes jobsDevSecOps jobsGDPR jobsPowerShell jobsEDR jobsIDS jobsSaaS jobsSplunk jobsIPS jobsRMF jobsSQL jobsTop Secret jobsSDLC jobsIntrusion detection jobsBash jobsThreat detection jobsITIL jobsActive Directory jobsDoDD 8570 jobsBanking jobsCompTIA jobsOWASP jobsCRISC jobsDocker jobsFinance jobs
GIAC jobsTCP/IP jobsUNIX jobsClearance Required jobsVPN jobsCISO jobsOSCP jobsIT infrastructure jobsIndustrial jobsTerraform jobsHIPAA jobsSANS jobsJavaScript jobsSOC 2 jobsCCSP jobsMITRE ATT&CK jobsSOAR jobsDNS jobsPolygraph jobsData Analytics jobsJira jobsNIST 800-53 jobsSOX jobsGCIH jobsCryptography jobs