Data Compliance and Access Operations Senior Analyst
Singapore, Singapore
About TikTok
TikTok is the leading destination for short-form mobile video. At TikTok, our mission is to inspire creativity and bring joy. TikTok's global headquarters are in Los Angeles and Singapore, and its offices include New York, London, Dublin, Paris, Berlin, Dubai, Jakarta, Seoul, and Tokyo.
Why Join Us
Creation is the core of TikTok's purpose. Our products are built to help imaginations thrive. This is doubly true of the teams that make our innovations possible. Together, we inspire creativity and enrich life - a mission we aim towards achieving every day. To us, every challenge, no matter how ambiguous, is an opportunity; to learn, to innovate, and to grow as one team. Status quo? Never. Courage? Always. At TikTok, we create together and grow together. That's how we drive impact-for ourselves, our company, and the users we serve. Join us.
GSO INTRO
The mission of TikTok's Global Security Organization is to build and earn trust by reducing risk and securing our businesses and products. Also known as "GSO", this team is the foundation of our efforts to keep TikTok safe, secure, and operating at scale for over 1 billion people around the world. We work to ensure that the TikTok platform is safe and secure, that our users' experience and their data remains safe from external or internal threats, and that we comply with global regulations wherever TikTok operates.
Trust is one of TikTok's biggest initiatives, and security is integral to our success. In whatever ways users interact with us — whether they're watching videos on their For You page, interacting with a Live video, or buying products on TikTok Shop — GSO protects their data and privacy, so they can have a secure and trustworthy experience.
TikTok is seeking a Senior Analyst for Access Operations to be part of the Data Protection team and will be responsible for overseeing operations and management of data access and data transfer requests to validate compliance with relevant company policy, geographical regulation, contractual commitments, and confidentiality requirements.
As a direct report to the Access Management and Compliance Lead within the Global Security Organization, you are part of a team that manages the security of TikTok data through access management processes and controls across the entire data lifecycle, from creation to destruction.
Further, you will oversee policies and procedures for managing access based and will ingest organizational policies to create enforcement mechanisms. This will entail understanding requirements, designing controls, and ultimately managing the on-going operation of those controls.
The candidate must be skilled in conducting technical analysis of access policies, rules, and permissions as well as evaluating appropriateness of roles and transactions. The candidate must also have the ability to communicate well, motivate and lead cross-functional teams independently, participate in coordinating response and defensive actions as it relates to identity and access assurance, and disseminate security information as appropriate in support of TikTok's critical business, go to market, and operational infrastructure needs.
Responsibilities
- Build and review technical and functional requirements for in-house or external technologies to support access management and assurance needs
- Design and implement access management and validation programs (people, process, and technology) to mitigate security threats and risks related to access that may impact business data through a holistic global program-oriented approach
- Design and implement the access review process, ensuring that access is reviewed regularly, both for appropriateness of access as well as privilege levels for all users
- Guide the team in developing use cases and integrating access management technologies with related cybersecurity technologies (e.g., security incident and event management, data classification, vulnerability management, identity management, authentication requirements)
- Create reporting and response execution for Access Management processes
- Deliver projects in alignment with established guidelines for data security and data regionalization across global regions
- Provide input in cross-functional Legal and Engineering engagements where security operations are required to advance Global Security-Data Protection owned projects
TikTok is the leading destination for short-form mobile video. At TikTok, our mission is to inspire creativity and bring joy. TikTok's global headquarters are in Los Angeles and Singapore, and its offices include New York, London, Dublin, Paris, Berlin, Dubai, Jakarta, Seoul, and Tokyo.
Why Join Us
Creation is the core of TikTok's purpose. Our products are built to help imaginations thrive. This is doubly true of the teams that make our innovations possible. Together, we inspire creativity and enrich life - a mission we aim towards achieving every day. To us, every challenge, no matter how ambiguous, is an opportunity; to learn, to innovate, and to grow as one team. Status quo? Never. Courage? Always. At TikTok, we create together and grow together. That's how we drive impact-for ourselves, our company, and the users we serve. Join us.
GSO INTRO
The mission of TikTok's Global Security Organization is to build and earn trust by reducing risk and securing our businesses and products. Also known as "GSO", this team is the foundation of our efforts to keep TikTok safe, secure, and operating at scale for over 1 billion people around the world. We work to ensure that the TikTok platform is safe and secure, that our users' experience and their data remains safe from external or internal threats, and that we comply with global regulations wherever TikTok operates.
Trust is one of TikTok's biggest initiatives, and security is integral to our success. In whatever ways users interact with us — whether they're watching videos on their For You page, interacting with a Live video, or buying products on TikTok Shop — GSO protects their data and privacy, so they can have a secure and trustworthy experience.
TikTok is seeking a Senior Analyst for Access Operations to be part of the Data Protection team and will be responsible for overseeing operations and management of data access and data transfer requests to validate compliance with relevant company policy, geographical regulation, contractual commitments, and confidentiality requirements.
As a direct report to the Access Management and Compliance Lead within the Global Security Organization, you are part of a team that manages the security of TikTok data through access management processes and controls across the entire data lifecycle, from creation to destruction.
Further, you will oversee policies and procedures for managing access based and will ingest organizational policies to create enforcement mechanisms. This will entail understanding requirements, designing controls, and ultimately managing the on-going operation of those controls.
The candidate must be skilled in conducting technical analysis of access policies, rules, and permissions as well as evaluating appropriateness of roles and transactions. The candidate must also have the ability to communicate well, motivate and lead cross-functional teams independently, participate in coordinating response and defensive actions as it relates to identity and access assurance, and disseminate security information as appropriate in support of TikTok's critical business, go to market, and operational infrastructure needs.
Responsibilities
- Build and review technical and functional requirements for in-house or external technologies to support access management and assurance needs
- Design and implement access management and validation programs (people, process, and technology) to mitigate security threats and risks related to access that may impact business data through a holistic global program-oriented approach
- Design and implement the access review process, ensuring that access is reviewed regularly, both for appropriateness of access as well as privilege levels for all users
- Guide the team in developing use cases and integrating access management technologies with related cybersecurity technologies (e.g., security incident and event management, data classification, vulnerability management, identity management, authentication requirements)
- Create reporting and response execution for Access Management processes
- Deliver projects in alignment with established guidelines for data security and data regionalization across global regions
- Provide input in cross-functional Legal and Engineering engagements where security operations are required to advance Global Security-Data Protection owned projects
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Job stats:
0
0
0
Categories:
Analyst Jobs
Compliance Jobs
Incident Response Jobs
Tags: Compliance Privacy Vulnerability management
Perks/benefits: Career development
Region:
Asia/Pacific
Country:
Singapore
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.
Information Systems Security Officer jobsInformation System Security Officer jobsInformation Security Manager jobsInformation Security Officer jobsSenior Cloud Security Engineer jobsSenior Cybersecurity Engineer jobsSystems Engineer jobsCyber Security Specialist jobsSenior Network Security Engineer jobsIT Security Engineer jobsSystems Administrator jobsSenior Information Security Analyst jobsSecurity Consultant jobsIT Security Analyst jobsChief Information Security Officer jobsSenior Cyber Security Engineer jobsSecurity Specialist jobsInformation System Security Officer (ISSO) jobsInformation Systems Security Engineer jobsThreat Intelligence Analyst jobsCyber Threat Intelligence Analyst jobsSenior Information Security Engineer jobsSenior Penetration Tester jobsCyber Security Architect jobsSecurity Operations Analyst jobs
Encryption jobsTop Secret jobsSplunk jobsSaaS jobsGDPR jobsMalware jobsEDR jobsRMF jobsBash jobsSDLC jobsSQL jobsForensics jobsIDS jobsThreat detection jobsDoDD 8570 jobsFinance jobsIPS jobsIntrusion detection jobsActive Directory jobsITIL jobsCompTIA jobsDocker jobsCRISC jobsTerraform jobsGIAC jobs
OWASP jobsSOC 2 jobsSAP jobsUNIX jobsClearance Required jobsAnsible jobsIndustrial jobsSANS jobsCCSP jobsVPN jobsHIPAA jobsTCP/IP jobsOSCP jobsPolygraph jobsJavaScript jobsIT infrastructure jobsData Analytics jobsBanking jobsJira jobsSOX jobsDNS jobsMachine Learning jobsMITRE ATT&CK jobsVMware jobsNIST 800-53 jobs