TikTok
Infrastructure Security Operation and Validation Architect - Global Security Org
TikTok, San Jose, California, United States, 95199
Overview
Infrastructure Security Operation and Validation Architect - Global Security Organisation The mission of TikTok's Global Security Organization is to build and earn trust by reducing risk and securing our businesses and products. Also known as "GSO", this team is the foundation of our efforts to keep TikTok safe, secure, and operating at scale for over 1 billion people around the world. We work to ensure that the TikTok platform is safe and secure, that our users' experience and their data remains safe from external or internal threats, and that we comply with global regulations wherever TikTok operates. Trust is one of TikTok's biggest initiatives, and security is integral to our success. In whatever ways users interact with us — whether they're watching videos on their For You page, interacting with a Live video, or buying products on TikTok Shop — GSO protects their data and privacy, so they can have a secure and trustworthy experience.
The GSO provides industry-leading security and privacy services to Bytedance, guided by four principles: trust and transparency, business enablement, risk-informed decision-making, and proactive risk reduction. We strive to build sustainable, world-class security capabilities.
Responsibilities
Lead the effort to define and implement TikTok's cloud and data center infrastructure security controls, in a global hybrid-cloud architecture.
Design and implement cloud and infrastructure security control validation frameworks and automation.
Enable the team to optimize TikTok's infrastructure security posture.
Work with TikTok stakeholders to define the right priorities in cloud security.
Review and assess utilization of cloud security tooling, and improve cloud and infrastructure security tool operation cost and efficiency.
Use validation frameworks to identify control gaps, develop and report cloud and infrastructure security metrics, and drive remediation plans to bridge gaps.
Qualifications Minimum Qualifications
Experience in security application, architecting, or operations with at least one cloud provider (GCP, AWS, Azure or OCI), with deep understanding of IAM, zero trust, network security, data encryption, etc.
Familiar with data center security controls and implementation, knowing related industry standards and regulations.
Familiar with cloud security industry standards and best practices (CSA CCM, CIS benchmarks, NIST, etc.), with experience in cloud security standards and regulations.
Experience working closely with compliance and legal teams.
Ability to communicate technical concepts to a broad range of technical and non-technical staff, with strong analytical and problem-solving skills.
Preferred Qualifications
Degree in computer science, information technology, cybersecurity, or a related field.
Certifications in AWS security, GCP security, or similar.
3+ years leading technical teams or projects.
Cloud security automation or security tools development experience.
Experience with Secure SDLC or security governance.
About TikTok TikTok is the leading destination for short-form mobile video. At TikTok, our mission is to inspire creativity and bring joy. TikTok's global headquarters are in Los Angeles and Singapore, and we also have offices in New York City, London, Dublin, Paris, Berlin, Dubai, Jakarta, Seoul, and Tokyo.
Why Join Us Inspiring creativity is at the core of TikTok's mission. Our innovative product is built to help people authentically express themselves, discover and connect — and our global, diverse teams make that possible. We create value for our communities, inspire creativity and bring joy. We lead with curiosity, humility, and a desire to make impact in a rapidly growing tech company. Every challenge is an opportunity to learn and innovate as one team. We are resilient and embrace challenges as they come. By constantly iterating and fostering an "Always Day 1" mindset, we achieve meaningful breakthroughs for ourselves, our company, and our users.
TikTok Accommodation TikTok is committed to providing reasonable accommodations in our recruitment processes for candidates with disabilities or other reasons protected by applicable laws. If you need assistance or a reasonable accommodation, please reach out to us at https://tinyurl.com/RA-request
Job Information For Pay Transparency: The base salary range for this position in the selected city is $147,200 - $269,800 annually. Compensation may vary outside of this range based on qualifications, skills, competencies, experience, and location. Base pay is one part of the Total Package that may include bonuses, incentives, and restricted stock units. Benefits vary by location and employment type, including medical, dental, vision, 401(k) with company match, parental leave, disability coverage, life insurance, wellbeing benefits, paid holidays, paid sick days, and paid personal time. Company reserves the right to modify benefits programs at any time.
Qualified applicants with arrest or conviction records will be considered for employment in accordance with all federal, state, and local laws, including applicable local ordinances. Our company believes that criminal history may have a direct, adverse and negative relationship on job duties, potentially resulting in the withdrawal of the conditional offer of employment.
Seniority level Mid-Senior level
Employment type Full-time
Job function Information Technology
Industries Computer and Network Security
#J-18808-Ljbffr
Infrastructure Security Operation and Validation Architect - Global Security Organisation The mission of TikTok's Global Security Organization is to build and earn trust by reducing risk and securing our businesses and products. Also known as "GSO", this team is the foundation of our efforts to keep TikTok safe, secure, and operating at scale for over 1 billion people around the world. We work to ensure that the TikTok platform is safe and secure, that our users' experience and their data remains safe from external or internal threats, and that we comply with global regulations wherever TikTok operates. Trust is one of TikTok's biggest initiatives, and security is integral to our success. In whatever ways users interact with us — whether they're watching videos on their For You page, interacting with a Live video, or buying products on TikTok Shop — GSO protects their data and privacy, so they can have a secure and trustworthy experience.
The GSO provides industry-leading security and privacy services to Bytedance, guided by four principles: trust and transparency, business enablement, risk-informed decision-making, and proactive risk reduction. We strive to build sustainable, world-class security capabilities.
Responsibilities
Lead the effort to define and implement TikTok's cloud and data center infrastructure security controls, in a global hybrid-cloud architecture.
Design and implement cloud and infrastructure security control validation frameworks and automation.
Enable the team to optimize TikTok's infrastructure security posture.
Work with TikTok stakeholders to define the right priorities in cloud security.
Review and assess utilization of cloud security tooling, and improve cloud and infrastructure security tool operation cost and efficiency.
Use validation frameworks to identify control gaps, develop and report cloud and infrastructure security metrics, and drive remediation plans to bridge gaps.
Qualifications Minimum Qualifications
Experience in security application, architecting, or operations with at least one cloud provider (GCP, AWS, Azure or OCI), with deep understanding of IAM, zero trust, network security, data encryption, etc.
Familiar with data center security controls and implementation, knowing related industry standards and regulations.
Familiar with cloud security industry standards and best practices (CSA CCM, CIS benchmarks, NIST, etc.), with experience in cloud security standards and regulations.
Experience working closely with compliance and legal teams.
Ability to communicate technical concepts to a broad range of technical and non-technical staff, with strong analytical and problem-solving skills.
Preferred Qualifications
Degree in computer science, information technology, cybersecurity, or a related field.
Certifications in AWS security, GCP security, or similar.
3+ years leading technical teams or projects.
Cloud security automation or security tools development experience.
Experience with Secure SDLC or security governance.
About TikTok TikTok is the leading destination for short-form mobile video. At TikTok, our mission is to inspire creativity and bring joy. TikTok's global headquarters are in Los Angeles and Singapore, and we also have offices in New York City, London, Dublin, Paris, Berlin, Dubai, Jakarta, Seoul, and Tokyo.
Why Join Us Inspiring creativity is at the core of TikTok's mission. Our innovative product is built to help people authentically express themselves, discover and connect — and our global, diverse teams make that possible. We create value for our communities, inspire creativity and bring joy. We lead with curiosity, humility, and a desire to make impact in a rapidly growing tech company. Every challenge is an opportunity to learn and innovate as one team. We are resilient and embrace challenges as they come. By constantly iterating and fostering an "Always Day 1" mindset, we achieve meaningful breakthroughs for ourselves, our company, and our users.
TikTok Accommodation TikTok is committed to providing reasonable accommodations in our recruitment processes for candidates with disabilities or other reasons protected by applicable laws. If you need assistance or a reasonable accommodation, please reach out to us at https://tinyurl.com/RA-request
Job Information For Pay Transparency: The base salary range for this position in the selected city is $147,200 - $269,800 annually. Compensation may vary outside of this range based on qualifications, skills, competencies, experience, and location. Base pay is one part of the Total Package that may include bonuses, incentives, and restricted stock units. Benefits vary by location and employment type, including medical, dental, vision, 401(k) with company match, parental leave, disability coverage, life insurance, wellbeing benefits, paid holidays, paid sick days, and paid personal time. Company reserves the right to modify benefits programs at any time.
Qualified applicants with arrest or conviction records will be considered for employment in accordance with all federal, state, and local laws, including applicable local ordinances. Our company believes that criminal history may have a direct, adverse and negative relationship on job duties, potentially resulting in the withdrawal of the conditional offer of employment.
Seniority level Mid-Senior level
Employment type Full-time
Job function Information Technology
Industries Computer and Network Security
#J-18808-Ljbffr