TikTok

Cybersecurity Resilience Specialist - Governance Risk and Compliance

TikTok  •  Washington, DC (Onsite)  •  5 months ago
Apply
Save Job
Mark Applied Mark Interviewed Mark Offered
Hide Job Report Job
AI can make mistakes so check important info. Chat history is never stored.

Job Description

The mission of TikTok's Global Security Organization is to build and earn trust by reducing risk and securing our businesses and products. Also known as "GSO", this team is the foundation of our efforts to keep TikTok safe, secure, and operating at scale for over 1 billion people around the world. We work to ensure that the TikTok platform is safe and secure, that our users' experience and their data remains safe from external or internal threats, and that we comply with global regulations wherever TikTok operates.

Trust is one of TikTok's biggest initiatives, and security is integral to our success. In whatever ways users interact with us — whether they're watching videos on their For You page, interacting with a Live video, or buying products on TikTok Shop — GSO protects their data and privacy, so they can have a secure and trustworthy experience.

The Security Strategy, Risk, and Resilience team is responsible for working closely with cross-functional partners to manage security risks and ensure compliance with industry cybersecurity standards and government regulations. This includes developing governing policies, implementing the security control framework, conducting security risk and control assessments, overseeing third-party security management, driving business continuity management, and staying up to date on global compliance initiatives.

Role

As a Security Resilience Specialist, you will be responsible for strengthening TikTok’s operational resilience across internal systems and the third-party ecosystem by integrating security engineering, business continuity, disaster recovery, technical continuity, and vendor risk oversight into a unified cyber-resilience function.

As Security Resilience Specialist, you will be responsible for:

- Conducting Business Impact Analyses (BIAs) and Technology Impact Analyses (TIAs) to map critical business processes, system dependencies, and Recovery Time Objectives/ Recovery Point Objectives (RTOs/RPOs)

- Collaborating with infrastructure, Site Reliability Engineers, and application teams to design, document, and enhance Disaster Recovery (DR) architectures, including failover strategies, backups, replication methods, and multi-region redundancy

- Leading and facilitating cyber-resilience exercises such as failover simulations, recovery validation tests, load/stress assessments, and cyberattack tabletop scenarios

- Identifying, tracking, and remediating third-party risks across the vendor lifecycle (pre-onboarding, operational monitoring, and off-boarding)

- Partnering with Legal, Procurement, IT, and engineering teams to embed security and resilience requirements into procurement, contracting, and onboarding processes

- Reviewing, validating, and architecting secure technical integrations with third-party vendors, including APIs, network connections, cloud configurations, and identity/access patterns
TikTok

About TikTok

Inspire Creativity and Bring Joy

Industry
Arts & Entertainment
Company Size
10,000+ employees
Headquarters
Los Angeles, California
Year Founded
Unknown
Website
tiktok.com
Social Media