Product Security Operation Specialist - Governance, Global Security Organisation
Singapore, Singapore
Team introduction:
The mission of TikTok's Global Security Organization is to build and earn trust by reducing risk and securing our businesses and products. Also known as "GSO", this team is the foundation of our efforts to keep TikTok safe, secure, and operating at scale for over 1 billion people around the world. We work to ensure that the TikTok platform is safe and secure, that our users' experience and their data remains safe from external or internal threats, and that we comply with global regulations wherever TikTok operates.
Trust is one of TikTok's biggest initiatives, and security is integral to our success. In whatever ways users interact with us — whether they're watching videos on their For You page, interacting with a Live video, or buying products on TikTok Shop — GSO protects their data and privacy, so they can have a secure and trustworthy experience.
About This Role:
SecOps Validation Team (STOV) is responsible for the tools and technologies that support the TikTok infrastructure. STOV oversees technical validation, security operations, and drives engineering enhancements, including the deployment, configuration, and maintenance of security technologies across various domains.
The role will be responsible for design and development of Product Security technical controls required by security policy and regulations. The validation targets include product security of TikTok product family and Secure SDLC process. It will provide a solid foundation to evaluate maturity for TikTok product family and Secure SDLC. This role ensures product security governance is embedded into every stage of development, enabling scalable compliance while fostering collaboration across teams.
Responsibilities:
- Establish and operate a governance committee, aligning cross-functional stakeholders to define unified process strategies.
- Develop and implement accountability frameworks (e.g., RACI) to clarify roles, validation mechanisms, and execution ownership across the product security lifecycle.
- Design and maintain a centralized inventory of product security controls, documenting ownership, integration points, and compliance gaps.
- Drive automated metrics monitoring and reporting mechanisms to ensure adherence to standards.
- Embed product security validation service into business development lifecycle, maintain daily operation, and iterate process flow continuously.
- Assess governance effectiveness, identify optimization opportunities, and integrate controls into existing workflows.
The mission of TikTok's Global Security Organization is to build and earn trust by reducing risk and securing our businesses and products. Also known as "GSO", this team is the foundation of our efforts to keep TikTok safe, secure, and operating at scale for over 1 billion people around the world. We work to ensure that the TikTok platform is safe and secure, that our users' experience and their data remains safe from external or internal threats, and that we comply with global regulations wherever TikTok operates.
Trust is one of TikTok's biggest initiatives, and security is integral to our success. In whatever ways users interact with us — whether they're watching videos on their For You page, interacting with a Live video, or buying products on TikTok Shop — GSO protects their data and privacy, so they can have a secure and trustworthy experience.
About This Role:
SecOps Validation Team (STOV) is responsible for the tools and technologies that support the TikTok infrastructure. STOV oversees technical validation, security operations, and drives engineering enhancements, including the deployment, configuration, and maintenance of security technologies across various domains.
The role will be responsible for design and development of Product Security technical controls required by security policy and regulations. The validation targets include product security of TikTok product family and Secure SDLC process. It will provide a solid foundation to evaluate maturity for TikTok product family and Secure SDLC. This role ensures product security governance is embedded into every stage of development, enabling scalable compliance while fostering collaboration across teams.
Responsibilities:
- Establish and operate a governance committee, aligning cross-functional stakeholders to define unified process strategies.
- Develop and implement accountability frameworks (e.g., RACI) to clarify roles, validation mechanisms, and execution ownership across the product security lifecycle.
- Design and maintain a centralized inventory of product security controls, documenting ownership, integration points, and compliance gaps.
- Drive automated metrics monitoring and reporting mechanisms to ensure adherence to standards.
- Embed product security validation service into business development lifecycle, maintain daily operation, and iterate process flow continuously.
- Assess governance effectiveness, identify optimization opportunities, and integrate controls into existing workflows.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Job stats:
2
0
0
Category:
Compliance Jobs
Tags: Compliance Governance Monitoring Privacy Product security SDLC SecOps
Region:
Asia/Pacific
Country:
Singapore
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.
Senior Cloud Security Engineer jobsSecurity Operations Engineer jobsSystems Administrator jobsSenior Cybersecurity Engineer jobsSenior Security Analyst jobsInformation Security Manager jobsCybersecurity Editor jobsSenior Information Security Analyst jobsCybersecurity Content Editor jobsCyber Security Specialist jobsIT Security Analyst jobsSenior Network Security Engineer jobsSenior Information Security Engineer jobsSecurity Consultant jobsInformation System Security Officer (ISSO) jobsSenior Product Security Engineer jobsChief Information Security Officer jobsInformation Systems Security Engineer jobsIT Security Engineer jobsSecurity Specialist jobsCyber Threat Intelligence Analyst jobsSenior Cyber Security Engineer jobsCybersecurity Specialist jobsSenior Software Engineer jobsSenior IT Auditor jobs
EDR jobsJava jobsEncryption jobsTS/SCI jobsCEH jobsSplunk jobsThreat detection jobsTerraform jobsTop Secret jobsIDS jobsMalware jobsSDLC jobsIPS jobsRMF jobsFinance jobsSQL jobsForensics jobsDocker jobsSOC 2 jobsActive Directory jobsIntrusion detection jobsCompTIA jobsOWASP jobsAnsible jobsITIL jobs
CRISC jobsVPN jobsClearance Required jobsHIPAA jobsGIAC jobsTCP/IP jobsIT infrastructure jobsDoDD 8570 jobsJira jobsSOX jobsMITRE ATT&CK jobsOSCP jobsData Analytics jobsBanking jobsSOAR jobsDNS jobsCCSP jobsIndustrial jobsJavaScript jobsZero Trust jobsCISO jobsUNIX jobsGCIH jobsNIST 800-53 jobsSecurity strategy jobs