Product Security Operation Specialist - Governance, Global Security Organisation
Singapore, Singapore
Team introduction:
The mission of TikTok's Global Security Organization is to build and earn trust by reducing risk and securing our businesses and products. Also known as "GSO", this team is the foundation of our efforts to keep TikTok safe, secure, and operating at scale for over 1 billion people around the world. We work to ensure that the TikTok platform is safe and secure, that our users' experience and their data remains safe from external or internal threats, and that we comply with global regulations wherever TikTok operates.
Trust is one of TikTok's biggest initiatives, and security is integral to our success. In whatever ways users interact with us — whether they're watching videos on their For You page, interacting with a Live video, or buying products on TikTok Shop — GSO protects their data and privacy, so they can have a secure and trustworthy experience.
About This Role:
SecOps Validation Team (STOV) is responsible for the tools and technologies that support the TikTok infrastructure. STOV oversees technical validation, security operations, and drives engineering enhancements, including the deployment, configuration, and maintenance of security technologies across various domains.
The role will be responsible for design and development of Product Security technical controls required by security policy and regulations. The validation targets include product security of TikTok product family and Secure SDLC process. It will provide a solid foundation to evaluate maturity for TikTok product family and Secure SDLC. This role ensures product security governance is embedded into every stage of development, enabling scalable compliance while fostering collaboration across teams.
Responsibilities:
- Establish and operate a governance committee, aligning cross-functional stakeholders to define unified process strategies.
- Develop and implement accountability frameworks (e.g., RACI) to clarify roles, validation mechanisms, and execution ownership across the product security lifecycle.
- Design and maintain a centralized inventory of product security controls, documenting ownership, integration points, and compliance gaps.
- Drive automated metrics monitoring and reporting mechanisms to ensure adherence to standards.
- Embed product security validation service into business development lifecycle, maintain daily operation, and iterate process flow continuously.
- Assess governance effectiveness, identify optimization opportunities, and integrate controls into existing workflows.
The mission of TikTok's Global Security Organization is to build and earn trust by reducing risk and securing our businesses and products. Also known as "GSO", this team is the foundation of our efforts to keep TikTok safe, secure, and operating at scale for over 1 billion people around the world. We work to ensure that the TikTok platform is safe and secure, that our users' experience and their data remains safe from external or internal threats, and that we comply with global regulations wherever TikTok operates.
Trust is one of TikTok's biggest initiatives, and security is integral to our success. In whatever ways users interact with us — whether they're watching videos on their For You page, interacting with a Live video, or buying products on TikTok Shop — GSO protects their data and privacy, so they can have a secure and trustworthy experience.
About This Role:
SecOps Validation Team (STOV) is responsible for the tools and technologies that support the TikTok infrastructure. STOV oversees technical validation, security operations, and drives engineering enhancements, including the deployment, configuration, and maintenance of security technologies across various domains.
The role will be responsible for design and development of Product Security technical controls required by security policy and regulations. The validation targets include product security of TikTok product family and Secure SDLC process. It will provide a solid foundation to evaluate maturity for TikTok product family and Secure SDLC. This role ensures product security governance is embedded into every stage of development, enabling scalable compliance while fostering collaboration across teams.
Responsibilities:
- Establish and operate a governance committee, aligning cross-functional stakeholders to define unified process strategies.
- Develop and implement accountability frameworks (e.g., RACI) to clarify roles, validation mechanisms, and execution ownership across the product security lifecycle.
- Design and maintain a centralized inventory of product security controls, documenting ownership, integration points, and compliance gaps.
- Drive automated metrics monitoring and reporting mechanisms to ensure adherence to standards.
- Embed product security validation service into business development lifecycle, maintain daily operation, and iterate process flow continuously.
- Assess governance effectiveness, identify optimization opportunities, and integrate controls into existing workflows.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Job stats:
3
0
0
Category:
Compliance Jobs
Tags: Compliance Governance Monitoring Privacy Product security SDLC SecOps
Region:
Asia/Pacific
Country:
Singapore
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.
Information System Security Officer jobsIT Security Analyst jobsSecurity Operations Engineer jobsSenior Cybersecurity Engineer jobsSenior Cloud Security Engineer jobsSenior Security Analyst jobsSenior Information Security Analyst jobsCyber Security Specialist jobsInformation Security Manager jobsSenior Product Security Engineer jobsSenior Network Security Engineer jobsSecurity Consultant jobsSenior Information Security Engineer jobsInformation System Security Officer (ISSO) jobsChief Information Security Officer jobsInformation Systems Security Engineer jobsSecurity Specialist jobsSenior Cyber Security Engineer jobsIT Security Engineer jobsCyber Threat Intelligence Analyst jobsSecurity Operations Analyst jobsSenior Software Engineer jobsSenior IT Auditor jobsCybersecurity Specialist jobsNetwork Engineer jobs
Bash jobsCEH jobsTS/SCI jobsEncryption jobsEDR jobsSDLC jobsSplunk jobsThreat detection jobsMalware jobsRMF jobsTerraform jobsFinance jobsIDS jobsSQL jobsTop Secret jobsCompTIA jobsForensics jobsITIL jobsIPS jobsSOC 2 jobsOWASP jobsActive Directory jobsDocker jobsClearance Required jobsGIAC jobs
CRISC jobsIntrusion detection jobsTCP/IP jobsOSCP jobsAnsible jobsHIPAA jobsVPN jobsMITRE ATT&CK jobsDoDD 8570 jobsZero Trust jobsData Analytics jobsJavaScript jobsSOAR jobsCCSP jobsSOX jobsBanking jobsIT infrastructure jobsJira jobsUNIX jobsDNS jobsIndustrial jobsNIST 800-53 jobsKPIs jobsCISO jobsMachine Learning jobs