TikTok
TikTok, Washington, District of Columbia, US, 20022
Senior Third Party Security Monitoring Specialist - Governance Risk and Compliance
Join TikTok’s Global Security Organization (GSO) to build trust by reducing risk and securing our businesses and products. GSO is the foundation for keeping TikTok safe, secure, and operating at scale for over 1 billion users worldwide.
Responsibilities
Secure Integration Design: Review, validate, and architect secure technical integrations with third‑party vendors, including APIs, network tunnels, and cloud configurations.
Continuous Monitoring: Implement and integrate automated monitoring for network logs and configurations.
Resilience Validation: Ensure vendor integrations are redundant, recoverable, and aligned with TikTok’s business continuity and cybersecurity resilience standards.
Risk Mitigation at Scale: Identify and remediate integration risks early in the vendor lifecycle (pre‑onboarding, post‑onboarding, and ongoing operations).
Collaboration & Enablement: Work closely with Procurement, Legal, IT, and business units to embed security into the procurement process and ensure secure third‑party operations.
Minimum Qualifications
Deep technical knowledge of API security, network integrations, cloud configurations, and identity/access management.
Strong technical background in cloud platforms (AWS, GCP, Azure) and securing cloud‑native integrations.
Proficiency in conducting technical and procedural security assessments, with the ability to articulate complex security issues to both technical and non‑technical audiences.
Strong project management skills with a proven ability to manage multiple projects simultaneously, meet deadlines, and work effectively with diverse teams.
Ability to articulate complex security risks and recommendations clearly and concisely to leadership and stakeholders.
Deep understanding of how cybersecurity impacts business operations and the ability to connect technical risks to business outcomes.
Ability to work a hybrid schedule from the Washington, D.C. TikTok Office at least 3 times a week.
Preferred Qualifications
5 years of hands‑on experience in cybersecurity, with proven expertise in network traffic monitoring, threat detection, and security engineering across diverse environments.
Experience in the technology industry.
Relevant industry certifications such as CISSP, CISM, CISA, CRISC, or similar.
A bachelor’s degree in a relevant field (e.g., Cybersecurity, Computer Science, Information Systems) or equivalent practical experience.
Experience with GRC (Governance, Risk, and Compliance) platforms and automation tools used for third‑party risk management.
A solid understanding of cloud security principles (AWS, Azure, GCP) and how they apply to third‑party risk.
About TikTok
TikTok is the leading destination for short‑form mobile video. Our mission is to inspire creativity and bring joy. TikTok’s global headquarters are in Los Angeles and Singapore, with offices worldwide.
Why Join Us
We strive to do great things with great people, leading with curiosity, humility, and a desire to make an impact. Every challenge is an opportunity to learn and innovate as one team, fostering a resilient and forward‑looking culture.
Diversity & Inclusion
TikTok is committed to creating an inclusive space where employees are valued for their unique perspectives. We celebrate diversity and aim to reflect the many communities we reach.
TikTok Accommodation
TikTok is committed to providing reasonable accommodations in our recruitment processes for candidates with disabilities, pregnancy, sincerely held religious beliefs, or other protected reasons. If you need assistance, please reach out at https://tinyurl.com/RA-request.
Job Information
Compensation Description (Annually) – Washington, DC
The base salary range for this position in the selected city is 132,480 – 242,820 annually. Additional compensation may vary. Base pay is only part of the Total Package, which may include discretionary bonuses, restricted stock units, and benefits such as medical, dental, vision, 401(k), paid parental leave, disability coverage, life insurance, wellbeing benefits, 10 paid holidays per year, 10 paid sick days per year, and 17 days of paid personal time.