Tik Tok
Responsibilities
About the Team The USDS Privacy and Integrated Security team is responsible for overseeing and governing all activities of privacy impacts to TikTok USDS' operations. - We address complex and cutting-edge challenges, aiming to build the world's most trusted social media platform. - We partner with TikTok global legal, R&D, privacy and security organizations in advancing our privacy practices. - We oversee, govern and support the integration and optimization of operational privacy capabilities including data inventory, data classification, data retention/deletion, and incident response, etc., to ensure scalable and compliant privacy and data protection practices. We seek a highly motivated, experienced, and dynamic professional to join our team. This is an opportunity to work on the most innovative platform in the industry, strengthening security and privacy, in our mission to Inspire Creativity and Enrich Lives. In order to enhance collaboration and cross-functional partnerships, among other things, at this time, our organization follows a hybrid work schedule that requires employees to work in the office 3 days a week, or as directed by their manager/department. We regularly review our hybrid work model, and the specific requirements may change at any time. Responsibilities We are seeking a technically-minded and business-savvy Privacy Architect to join the Privacy and Integrated Security Team at TikTok USDS. This is a strategic role in an operational environment focused on providing the technical and architectural expertise needed to execute TikTok privacy policies. This role will be a critical partner to both USDS operation teams and business lines who are responsible for operational privacy controls, and our global privacy organizations who are responsible for privacy controls at the product or platform level. The ideal candidate will serve as our on-the-ground technical expert, responsible for applying a systematic framework to ensure that all privacy related services, business processes, and local data flows align with our privacy policies. Reporting Structure: This role will report to the functional pillar lead within the privacy organization. The reporting structure may evolve as the capability grows. Key Responsibilities: - Develop and implement a systematic framework to manage privacy at the operational level across the entire TikTok US landscape. This includes discovering and creating privacy architectural artifacts to establish baselines and conduct gap analyses. - Actively engage with USDS teams to understand their objectives, and operational processes. - Conduct in-depth technical analysis and create or assemble documentation to articulate how and why the business collects and uses private data inside and outside of our platforms and systems. - Creating and maintain documentation that visually maps data flows and identifies key control points, such as focusing on systems and data sharing. - Develop compliant operational solutions and strategies to address privacy risks identified in technology, people and processes. Produce detailed, technical reports for the risk team outlining newly identified architectural gaps, shadow data, or data exposure risks. - Collaborate with business teams to find reasonable and compliant trade-offs between their operational needs and global privacy requirements. - Provide hands-on architectural guidance to operational teams on how to correctly implement privacy controls and address identified technical risks. Create practical, step-by-step guidance and playbooks for operating teams on how to handle common privacy-centric tasks, such as securely exporting data or managing access to a new system. - Provide guidance and support ongoing technical reviews and spot audits of live services and business systems to verify that their configuration and operation are aligned with policies. Deliver findings from technical reviews that confirm a service's configuration (e.g., access controls, data retention settings) is aligned with privacy policies. - Lead and support the effort of developing operational specifications. Provide feedback to global teams to refine and improve privacy policies and solutions based on USDS operations. - Engagement in special projects and additional responsibilities may be needed as the team expands and capabilities are enhanced.
Qualifications
Minimum Qualifications: - Bachelor's degree in Computer Science, Data Science, Information Technology, or a related field, or equivalent practical experience. - 5+ years of experience in a technical role such as product engineering, systems architecture, or data engineering, with a focus on privacy or security. Demonstrated knowledge of major privacy regulations such as GDPR and CCPA. - Must be proficient in creating and interpreting architectural diagrams to communicate holistic design and principles. Demonstrated ability to develop and maintain architectural diagrams (e.g., data flow diagrams, system diagrams) that visually represent data lifecycles, identify areas of privacy risk, and illustrate the implementation of privacy controls in alignment with organizational standards and regulatory requirements. - Strong analytical skills with the ability to identify complex privacy risks in operational processes and systems. Excellent communication and collaboration skills, with the ability to work effectively with both technical and non-technical stakeholders. - Strategic thinking and problem-solving abilities. Must be adaptable and able to navigate through ambiguity and vagueness within a large complex organization. Preferred Qualifications: - Experience in the social media industry. - Experience in a global R&D setting. - Experience with Cloud Security Governance and Micro-services Architecture. - Certifications such as CISSP, CDPSE, CIPT, CIPP, CIPM.
Job Information
[For Pay Transparency] Compensation Description (Annually) - Washington, DC
The base salary range for this position in the selected city is 106920 - 242820 annually.
Compensation may vary outside of this range depending on a number of factors, including a candidate's qualifications, skills, competencies and experience, and location. Base pay is one part of the Total Package that is provided to compensate and recognize employees for their work, and this role may be eligible for additional discretionary bonuses/incentives, and restricted stock units.
Benefits may vary depending on the nature of employment and the country work location. Employees have day one access to medical, dental, and vision insurance, a 401(k) savings plan with company match, paid parental leave, short-term and long-term disability coverage, life insurance, wellbeing benefits, among others. Employees also receive 10 paid holidays per year, 10 paid sick days per year and 17 days of Paid Personal Time (prorated upon hire with increasing accruals by tenure).
The Company reserves the right to modify or change these benefits programs at any time, with or without notice.
About USDS
TikTok is the leading destination for short-form mobile video. Our mission is to inspire creativity and bring joy. U.S. Data Security ("USDS") is a subsidiary of TikTok in the U.S. This new, security-first division was created to bring heightened focus and governance to our data protection policies and content assurance protocols to keep U.S. users safe. Our focus is on providing oversight and protection of the TikTok platform and U.S. user data, so millions of Americans can continue turning to TikTok to learn something new, earn a living, express themselves creatively, or be entertained. The teams within USDS that deliver on this commitment daily span across Trust & Safety, Security & Privacy, Engineering, User & Product Ops, Corporate Functions and more.
Data Security Statement
This role requires the ability to work with and support systems designed to protect sensitive data and information. As such, this role will be subject to strict national security-related screening.
Why Join Us
Inspiring creativity is at the core of TikTok's mission. Our innovative product is built to help people authentically express themselves, discover and connect - and our global, diverse teams make that possible. Together, we create value for our communities, inspire creativity and bring joy - a mission we work towards every day.
We strive to do great things with great people. We lead with curiosity, humility, and a desire to make impact in a rapidly growing tech company. Every challenge is an opportunity to learn and innovate as one team. We're resilient and embrace challenges as they come. By constantly iterating and fostering an "Always Day 1" mindset, we achieve meaningful breakthroughs for ourselves, our company, and our users. When we create and grow together, the possibilities are limitless. Join us.
Diversity & Inclusion
TikTok is committed to creating an inclusive space where employees are valued for their skills, experiences, and unique perspectives. Our platform connects people from across the globe and so does our workplace. At TikTok, our mission is to inspire creativity and bring joy. To achieve that goal, we are committed to celebrating our diverse voices and to creating an environment that reflects the many communities we reach. We are passionate about this and hope you are too.
USDS Reasonable Accommodation
USDS is committed to providing reasonable accommodations in our recruitment processes for candidates with disabilities, pregnancy, sincerely held religious beliefs or other reasons protected by applicable laws. If you need assistance or a reasonable accommodation, please reach out to us at
About the Team The USDS Privacy and Integrated Security team is responsible for overseeing and governing all activities of privacy impacts to TikTok USDS' operations. - We address complex and cutting-edge challenges, aiming to build the world's most trusted social media platform. - We partner with TikTok global legal, R&D, privacy and security organizations in advancing our privacy practices. - We oversee, govern and support the integration and optimization of operational privacy capabilities including data inventory, data classification, data retention/deletion, and incident response, etc., to ensure scalable and compliant privacy and data protection practices. We seek a highly motivated, experienced, and dynamic professional to join our team. This is an opportunity to work on the most innovative platform in the industry, strengthening security and privacy, in our mission to Inspire Creativity and Enrich Lives. In order to enhance collaboration and cross-functional partnerships, among other things, at this time, our organization follows a hybrid work schedule that requires employees to work in the office 3 days a week, or as directed by their manager/department. We regularly review our hybrid work model, and the specific requirements may change at any time. Responsibilities We are seeking a technically-minded and business-savvy Privacy Architect to join the Privacy and Integrated Security Team at TikTok USDS. This is a strategic role in an operational environment focused on providing the technical and architectural expertise needed to execute TikTok privacy policies. This role will be a critical partner to both USDS operation teams and business lines who are responsible for operational privacy controls, and our global privacy organizations who are responsible for privacy controls at the product or platform level. The ideal candidate will serve as our on-the-ground technical expert, responsible for applying a systematic framework to ensure that all privacy related services, business processes, and local data flows align with our privacy policies. Reporting Structure: This role will report to the functional pillar lead within the privacy organization. The reporting structure may evolve as the capability grows. Key Responsibilities: - Develop and implement a systematic framework to manage privacy at the operational level across the entire TikTok US landscape. This includes discovering and creating privacy architectural artifacts to establish baselines and conduct gap analyses. - Actively engage with USDS teams to understand their objectives, and operational processes. - Conduct in-depth technical analysis and create or assemble documentation to articulate how and why the business collects and uses private data inside and outside of our platforms and systems. - Creating and maintain documentation that visually maps data flows and identifies key control points, such as focusing on systems and data sharing. - Develop compliant operational solutions and strategies to address privacy risks identified in technology, people and processes. Produce detailed, technical reports for the risk team outlining newly identified architectural gaps, shadow data, or data exposure risks. - Collaborate with business teams to find reasonable and compliant trade-offs between their operational needs and global privacy requirements. - Provide hands-on architectural guidance to operational teams on how to correctly implement privacy controls and address identified technical risks. Create practical, step-by-step guidance and playbooks for operating teams on how to handle common privacy-centric tasks, such as securely exporting data or managing access to a new system. - Provide guidance and support ongoing technical reviews and spot audits of live services and business systems to verify that their configuration and operation are aligned with policies. Deliver findings from technical reviews that confirm a service's configuration (e.g., access controls, data retention settings) is aligned with privacy policies. - Lead and support the effort of developing operational specifications. Provide feedback to global teams to refine and improve privacy policies and solutions based on USDS operations. - Engagement in special projects and additional responsibilities may be needed as the team expands and capabilities are enhanced.
Qualifications
Minimum Qualifications: - Bachelor's degree in Computer Science, Data Science, Information Technology, or a related field, or equivalent practical experience. - 5+ years of experience in a technical role such as product engineering, systems architecture, or data engineering, with a focus on privacy or security. Demonstrated knowledge of major privacy regulations such as GDPR and CCPA. - Must be proficient in creating and interpreting architectural diagrams to communicate holistic design and principles. Demonstrated ability to develop and maintain architectural diagrams (e.g., data flow diagrams, system diagrams) that visually represent data lifecycles, identify areas of privacy risk, and illustrate the implementation of privacy controls in alignment with organizational standards and regulatory requirements. - Strong analytical skills with the ability to identify complex privacy risks in operational processes and systems. Excellent communication and collaboration skills, with the ability to work effectively with both technical and non-technical stakeholders. - Strategic thinking and problem-solving abilities. Must be adaptable and able to navigate through ambiguity and vagueness within a large complex organization. Preferred Qualifications: - Experience in the social media industry. - Experience in a global R&D setting. - Experience with Cloud Security Governance and Micro-services Architecture. - Certifications such as CISSP, CDPSE, CIPT, CIPP, CIPM.
Job Information
[For Pay Transparency] Compensation Description (Annually) - Washington, DC
The base salary range for this position in the selected city is 106920 - 242820 annually.
Compensation may vary outside of this range depending on a number of factors, including a candidate's qualifications, skills, competencies and experience, and location. Base pay is one part of the Total Package that is provided to compensate and recognize employees for their work, and this role may be eligible for additional discretionary bonuses/incentives, and restricted stock units.
Benefits may vary depending on the nature of employment and the country work location. Employees have day one access to medical, dental, and vision insurance, a 401(k) savings plan with company match, paid parental leave, short-term and long-term disability coverage, life insurance, wellbeing benefits, among others. Employees also receive 10 paid holidays per year, 10 paid sick days per year and 17 days of Paid Personal Time (prorated upon hire with increasing accruals by tenure).
The Company reserves the right to modify or change these benefits programs at any time, with or without notice.
About USDS
TikTok is the leading destination for short-form mobile video. Our mission is to inspire creativity and bring joy. U.S. Data Security ("USDS") is a subsidiary of TikTok in the U.S. This new, security-first division was created to bring heightened focus and governance to our data protection policies and content assurance protocols to keep U.S. users safe. Our focus is on providing oversight and protection of the TikTok platform and U.S. user data, so millions of Americans can continue turning to TikTok to learn something new, earn a living, express themselves creatively, or be entertained. The teams within USDS that deliver on this commitment daily span across Trust & Safety, Security & Privacy, Engineering, User & Product Ops, Corporate Functions and more.
Data Security Statement
This role requires the ability to work with and support systems designed to protect sensitive data and information. As such, this role will be subject to strict national security-related screening.
Why Join Us
Inspiring creativity is at the core of TikTok's mission. Our innovative product is built to help people authentically express themselves, discover and connect - and our global, diverse teams make that possible. Together, we create value for our communities, inspire creativity and bring joy - a mission we work towards every day.
We strive to do great things with great people. We lead with curiosity, humility, and a desire to make impact in a rapidly growing tech company. Every challenge is an opportunity to learn and innovate as one team. We're resilient and embrace challenges as they come. By constantly iterating and fostering an "Always Day 1" mindset, we achieve meaningful breakthroughs for ourselves, our company, and our users. When we create and grow together, the possibilities are limitless. Join us.
Diversity & Inclusion
TikTok is committed to creating an inclusive space where employees are valued for their skills, experiences, and unique perspectives. Our platform connects people from across the globe and so does our workplace. At TikTok, our mission is to inspire creativity and bring joy. To achieve that goal, we are committed to celebrating our diverse voices and to creating an environment that reflects the many communities we reach. We are passionate about this and hope you are too.
USDS Reasonable Accommodation
USDS is committed to providing reasonable accommodations in our recruitment processes for candidates with disabilities, pregnancy, sincerely held religious beliefs or other reasons protected by applicable laws. If you need assistance or a reasonable accommodation, please reach out to us at