Governance, Risk, & Compliance (GRC) Security Strategy and Metrics Senior Analyst - Global Security Organization

The mission of TikTok's Global Security Organization is to build and earn trust by reducing risk and securing our businesses and products. Also known as "GSO", this team is the foundation of our efforts to keep TikTok safe, secure, and operating at scale for over 1 billion people around the world. We work to ensure that the TikTok platform is safe and secure, that our users' experience and their data remains safe from external or internal threats, and that we comply with global regulations wherever TikTok operates.

Trust is one of TikTok's biggest initiatives, and security is integral to our success. In whatever ways users interact with us — whether they're watching videos on their For You page, interacting with a Live video, or buying products on TikTok Shop — GSO protects their data and privacy, so they can have a secure and trustworthy experience.

he Security Governance, Risk, and Compliance team is responsible for working closely with cross-functional partners to manage security risks to ensure we meet all industry cybersecurity compliance standards and government regulations through developing governing policies, implementing the security control framework, conducting security risk and control assessments, and staying up-to-date on global compliance initiatives.
Role
The Cybersecurity Strategy and Metrics Senior Analyst plays a critical role in supporting the development and execution of strategic initiatives and metrics programs across TikTok’s Global Security Organization. You will help define what “best-in-class” looks like for a rapidly growing global cybersecurity team by driving data-informed decision-making, maturity modeling, and performance measurement. This role involves working closely with cross-functional stakeholders to align cybersecurity efforts with broader organizational goals while contributing to the department’s strategic direction and operational excellence. You would be a great fit for this role if you are enthusiastic about:
1. Using data and metrics to tell compelling stories and influence decisions at the highest levels of leadership
2. Thriving in a fast-paced, ambiguous environment with a passion for building frameworks and programs from the ground up
3. Collaborating with technical and non-technical stakeholders to build visibility and alignment around cybersecurity goals and performance

Responsibilities
As a Cybersecurity Strategy and Metrics Senior Analyst, you will be responsible for:
- Supporting the development and execution of the department-wide cybersecurity strategy and multi-year maturity roadmap
- Designing and maintaining cybersecurity performance measurement frameworks, including department KPIs, KRIs, OKRs, and executive dashboards
- Developing maturity models and measurement tools to assess and monitor cybersecurity capabilities across teams and functions
- Providing regular reporting and briefings to leadership, summarizing progress against strategic goals, identifying areas for improvement, and recommending adjustments
- Conducting benchmarking and trend analysis to assess the organization’s performance relative to industry standards and peers
- Partnering with leadership to identify strategic gaps and support initiative development, prioritization, and tracking
- Supporting strategic planning cycles, initiative management, and documentation efforts that align with both security and business priorities