Governance, Risk, & Compliance (GRC) Compliance Assurance Senior Analyst - Global Security Organization
New York, New York, United States
About TikTok
TikTok is the leading destination for short-form mobile video. At TikTok, our mission is to inspire creativity and bring joy. TikTok's global headquarters are in Los Angeles and Singapore, and its offices include New York, London, Dublin, Paris, Berlin, Dubai, Jakarta, Seoul, and Tokyo.
Why Join Us
Creation is the core of TikTok's purpose. Our products are built to help imaginations thrive. This is doubly true of the teams that make our innovations possible. Together, we inspire creativity and enrich life - a mission we aim towards achieving every day. To us, every challenge, no matter how ambiguous, is an opportunity; to learn, to innovate, and to grow as one team. Status quo? Never. Courage? Always. At TikTok, we create together and grow together. That's how we drive impact-for ourselves, our company, and the users we serve. Join us.
Team Introduction
The mission of TikTok's Global Security Organization is to build and earn trust by reducing risk and securing our businesses and products. Also known as "GSO", this team is the foundation of our efforts to keep TikTok safe, secure, and operating at scale for over 1 billion people around the world. We work to ensure that the TikTok platform is safe and secure, that our users' experience and their data remains safe from external or internal threats, and that we comply with global regulations wherever TikTok operates.
Trust is one of TikTok's biggest initiatives, and security is integral to our success. In whatever ways users interact with us — whether they're watching videos on their For You page, interacting with a Live video, or buying products on TikTok Shop — GSO protects their data and privacy, so they can have a secure and trustworthy experience.
The Governance, Risk, & Compliance team is responsible for working closely with cross-functional partners to manage security risks. We support our cross-functional partners in meeting all industry cybersecurity compliance standards and government regulations by developing governing policies, implementing our security control framework, conducting security risk and control assessments, and staying up-to-date on global compliance initiatives.
The Governance, Risk, & Compliance (GRC) Compliance Assurance Senior Analyst will be responsible for control testing and monitoring, identifying control gaps and issues, providing recommendations on remediation, and facilitating internal and external audits. Additionally, this individual will provide support for various security compliance projects to improve the maturity of the compliance program. You would be a great for this role if you:
- Have a strong security controls and compliance mindset with experience in identifying, evaluating, and testing controls against leading security frameworks such as ISO 27001, SOC 2, PCI DSS, and others
- Enjoy fostering collaboration and cross-functional partnerships to help spread awareness and drive the implementation of cybersecurity controls to mitigate challenging and unique risks with product, engineering, and other business teams
- Thrive in fast-paced environments and can adapt quickly in the face of constantly evolving cybersecurity challenges
- Possess a strong appetite for acquiring new knowledge and skills in cybersecurity and staying up-to-date on emerging trends
- Excel at analyzing complex systems and ideas and breaking these down into easy to understand terms
- Can provide candid and clear feedback on critical cybersecurity initiatives from policies to application designs and much more!
Responsibilities
As a Compliance Assurance Senior Analyst, you will be responsible for:
- Performing control design walkthroughs and operating effectiveness testing for products and business lines against security frameworks such as ISO 27001, SOC 2, PCI-DSS, and others
- Working with control and process owners to understand key processes, controls, supporting evidence, conclusion on controls and potential gaps, and supporting these personnel in preparation for and execution of internal and external audits
- Conducting thorough examinations of people, processes, technologies and key system configurations aligned to controls
- Supporting the scoping and maturity of the cybersecurity compliance program to ensure alignment with industry best practices and regulatory requirements including but not limited to ISO 27001, SOC 2, PCI-DSS, etc.
- Collaborating with and influencing key stakeholders to support, track, and report on remediation efforts
- Communicating with technical and non-technical stakeholders on cybersecurity risk and control topics and program-specific reporting
TikTok is the leading destination for short-form mobile video. At TikTok, our mission is to inspire creativity and bring joy. TikTok's global headquarters are in Los Angeles and Singapore, and its offices include New York, London, Dublin, Paris, Berlin, Dubai, Jakarta, Seoul, and Tokyo.
Why Join Us
Creation is the core of TikTok's purpose. Our products are built to help imaginations thrive. This is doubly true of the teams that make our innovations possible. Together, we inspire creativity and enrich life - a mission we aim towards achieving every day. To us, every challenge, no matter how ambiguous, is an opportunity; to learn, to innovate, and to grow as one team. Status quo? Never. Courage? Always. At TikTok, we create together and grow together. That's how we drive impact-for ourselves, our company, and the users we serve. Join us.
Team Introduction
The mission of TikTok's Global Security Organization is to build and earn trust by reducing risk and securing our businesses and products. Also known as "GSO", this team is the foundation of our efforts to keep TikTok safe, secure, and operating at scale for over 1 billion people around the world. We work to ensure that the TikTok platform is safe and secure, that our users' experience and their data remains safe from external or internal threats, and that we comply with global regulations wherever TikTok operates.
Trust is one of TikTok's biggest initiatives, and security is integral to our success. In whatever ways users interact with us — whether they're watching videos on their For You page, interacting with a Live video, or buying products on TikTok Shop — GSO protects their data and privacy, so they can have a secure and trustworthy experience.
The Governance, Risk, & Compliance team is responsible for working closely with cross-functional partners to manage security risks. We support our cross-functional partners in meeting all industry cybersecurity compliance standards and government regulations by developing governing policies, implementing our security control framework, conducting security risk and control assessments, and staying up-to-date on global compliance initiatives.
The Governance, Risk, & Compliance (GRC) Compliance Assurance Senior Analyst will be responsible for control testing and monitoring, identifying control gaps and issues, providing recommendations on remediation, and facilitating internal and external audits. Additionally, this individual will provide support for various security compliance projects to improve the maturity of the compliance program. You would be a great for this role if you:
- Have a strong security controls and compliance mindset with experience in identifying, evaluating, and testing controls against leading security frameworks such as ISO 27001, SOC 2, PCI DSS, and others
- Enjoy fostering collaboration and cross-functional partnerships to help spread awareness and drive the implementation of cybersecurity controls to mitigate challenging and unique risks with product, engineering, and other business teams
- Thrive in fast-paced environments and can adapt quickly in the face of constantly evolving cybersecurity challenges
- Possess a strong appetite for acquiring new knowledge and skills in cybersecurity and staying up-to-date on emerging trends
- Excel at analyzing complex systems and ideas and breaking these down into easy to understand terms
- Can provide candid and clear feedback on critical cybersecurity initiatives from policies to application designs and much more!
Responsibilities
As a Compliance Assurance Senior Analyst, you will be responsible for:
- Performing control design walkthroughs and operating effectiveness testing for products and business lines against security frameworks such as ISO 27001, SOC 2, PCI-DSS, and others
- Working with control and process owners to understand key processes, controls, supporting evidence, conclusion on controls and potential gaps, and supporting these personnel in preparation for and execution of internal and external audits
- Conducting thorough examinations of people, processes, technologies and key system configurations aligned to controls
- Supporting the scoping and maturity of the cybersecurity compliance program to ensure alignment with industry best practices and regulatory requirements including but not limited to ISO 27001, SOC 2, PCI-DSS, etc.
- Collaborating with and influencing key stakeholders to support, track, and report on remediation efforts
- Communicating with technical and non-technical stakeholders on cybersecurity risk and control topics and program-specific reporting
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Job stats:
0
0
0
Categories:
Analyst Jobs
Compliance Jobs
Tags: Audits Compliance Governance ISO 27001 Monitoring PCI DSS Privacy SOC SOC 2
Perks/benefits: Career development
Region:
North America
Country:
United States
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.
Information Systems Security Officer jobsInformation System Security Officer jobsInformation Security Officer jobsInformation Security Manager jobsSenior Cloud Security Engineer jobsSenior Cybersecurity Engineer jobsCyber Security Specialist jobsIT Security Engineer jobsSystems Engineer jobsSenior Network Security Engineer jobsSystems Administrator jobsSenior Information Security Analyst jobsSecurity Consultant jobsSecurity Specialist jobsSenior Cyber Security Engineer jobsIT Security Analyst jobsChief Information Security Officer jobsInformation System Security Officer (ISSO) jobsThreat Intelligence Analyst jobsInformation Systems Security Engineer jobsSenior Penetration Tester jobsCyber Threat Intelligence Analyst jobsSenior Information Security Engineer jobsCyber Security Architect jobsSecurity Operations Analyst jobs
Encryption jobsSaaS jobsTop Secret jobsGDPR jobsSplunk jobsMalware jobsEDR jobsSDLC jobsRMF jobsBash jobsSQL jobsForensics jobsIDS jobsThreat detection jobsFinance jobsIPS jobsDoDD 8570 jobsIntrusion detection jobsActive Directory jobsITIL jobsCRISC jobsCompTIA jobsTerraform jobsDocker jobsGIAC jobs
OWASP jobsSOC 2 jobsHIPAA jobsCCSP jobsSAP jobsClearance Required jobsSANS jobsUNIX jobsIndustrial jobsVPN jobsAnsible jobsTCP/IP jobsOSCP jobsJavaScript jobsSOX jobsBanking jobsDNS jobsData Analytics jobsPolygraph jobsMachine Learning jobsIT infrastructure jobsJira jobsCISO jobsNIST 800-53 jobsVMware jobs