TikTok
Information Security and Incident Response Counsel
Responsibilities
About the Team: Our Global Product and Privacy team provides key support for TikTok’s initiatives, products, and platforms, offering guidance and compliance support for global privacy and regulatory matters including information security and data privacy. The TikTok Information Security & Incident Response Legal team seeks a seasoned legal professional to support privacy and information security matters across TikTok and Bytedance.
Responsibilities:
Lead the global legal response to cybersecurity incidents by coordinating with cross-functional teams (regional legal teams, IT, compliance, and external stakeholders) to ensure a consistent and effective approach across jurisdictions.
Collaborate with regional counsel to provide jurisdiction-specific legal advice, ensuring compliance with data breach notification laws, regulatory requirements, and industry standards globally.
Develop and oversee incident response strategies by counseling internal stakeholders on legal implications, risk mitigation, and regulatory considerations throughout the incident lifecycle (investigation, containment, remediation).
Draft, review, and coordinate regulatory and user notifications in alignment with applicable legal requirements, ensuring accurate and timely communication to impacted parties and regulators.
Coordinate post-incident reports and lead after-action reviews to identify gaps, implement lessons learned, and improve incident response policies and playbooks.
Design and maintain incident response playbooks tailored to legal and regulatory requirements across jurisdictions.
Lead and participate in tabletop exercises and simulations to test and refine incident response readiness, providing legal insights to strengthen protocols and mitigate risks.
Provide proactive legal counsel on cybersecurity risk mitigation strategies, including contract reviews, vendor management, and policy development.
Monitor evolving global cybersecurity and privacy regulations to keep incident response practices compliant with industry best practices.
Develop and deliver training for internal teams on legal requirements, privilege considerations, and best practices in incident response and cybersecurity risk management.
Qualifications
Minimum Qualifications:
Bachelor’s degree plus a Juris Doctorate from an ABA-accredited law school.
Proven background and substantial experience in information security and data privacy incident response, including investigations, notification determinations, and remediation actions.
Extensive experience at a law firm and/or in-house counsel at an enterprise technology or leading consumer-facing digital application (ideally including user-generated content).
Preferred Qualifications:
Experience with EU and UK GDPR and NIS2 is a plus.
Experience working with international teams across time zones in a cross-functional environment.
Strong documentation, presentation, and communication skills in a global role.
About TikTok
TikTok is the leading destination for short-form mobile video. Our mission is to inspire creativity and bring joy. TikTok’s global headquarters are in Los Angeles and Singapore, with offices worldwide.
Why Join Us
We strive to inspire creativity and bring joy through a diverse, collaborative team. We value curiosity, humility, and a willingness to learn, with an emphasis on impact at scale in a rapidly growing tech company.
Diversity & Inclusion
TikTok is committed to an inclusive space where employees are valued for their skills and perspectives. We celebrate diverse voices to reflect the communities we reach.
TikTok Accommodation
TikTok provides reasonable accommodations in our recruitment processes for candidates with disabilities or other protected reasons. If you need assistance or a reasonable accommodation, please contact us at the provided accommodation link.
Job Information
Compensation and benefits vary by location. Base pay is part of the total package and may include bonuses, stock units, and other incentives. Benefits typically include health insurance, retirement plans, parental leave, disability coverage, life insurance, and paid time off. Details are provided during recruitment and may change over time.
We reserve the right to modify or change these programs at any time, with or without notice.
For applicants in Los Angeles County (unincorporated): Qualified applicants with arrest or conviction records will be considered in accordance with applicable laws, including the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act. Statements regarding criminal history relate to job duties and potential impact on responsibilities, not to exclusion from consideration.
#J-18808-Ljbffr
About the Team: Our Global Product and Privacy team provides key support for TikTok’s initiatives, products, and platforms, offering guidance and compliance support for global privacy and regulatory matters including information security and data privacy. The TikTok Information Security & Incident Response Legal team seeks a seasoned legal professional to support privacy and information security matters across TikTok and Bytedance.
Responsibilities:
Lead the global legal response to cybersecurity incidents by coordinating with cross-functional teams (regional legal teams, IT, compliance, and external stakeholders) to ensure a consistent and effective approach across jurisdictions.
Collaborate with regional counsel to provide jurisdiction-specific legal advice, ensuring compliance with data breach notification laws, regulatory requirements, and industry standards globally.
Develop and oversee incident response strategies by counseling internal stakeholders on legal implications, risk mitigation, and regulatory considerations throughout the incident lifecycle (investigation, containment, remediation).
Draft, review, and coordinate regulatory and user notifications in alignment with applicable legal requirements, ensuring accurate and timely communication to impacted parties and regulators.
Coordinate post-incident reports and lead after-action reviews to identify gaps, implement lessons learned, and improve incident response policies and playbooks.
Design and maintain incident response playbooks tailored to legal and regulatory requirements across jurisdictions.
Lead and participate in tabletop exercises and simulations to test and refine incident response readiness, providing legal insights to strengthen protocols and mitigate risks.
Provide proactive legal counsel on cybersecurity risk mitigation strategies, including contract reviews, vendor management, and policy development.
Monitor evolving global cybersecurity and privacy regulations to keep incident response practices compliant with industry best practices.
Develop and deliver training for internal teams on legal requirements, privilege considerations, and best practices in incident response and cybersecurity risk management.
Qualifications
Minimum Qualifications:
Bachelor’s degree plus a Juris Doctorate from an ABA-accredited law school.
Proven background and substantial experience in information security and data privacy incident response, including investigations, notification determinations, and remediation actions.
Extensive experience at a law firm and/or in-house counsel at an enterprise technology or leading consumer-facing digital application (ideally including user-generated content).
Preferred Qualifications:
Experience with EU and UK GDPR and NIS2 is a plus.
Experience working with international teams across time zones in a cross-functional environment.
Strong documentation, presentation, and communication skills in a global role.
About TikTok
TikTok is the leading destination for short-form mobile video. Our mission is to inspire creativity and bring joy. TikTok’s global headquarters are in Los Angeles and Singapore, with offices worldwide.
Why Join Us
We strive to inspire creativity and bring joy through a diverse, collaborative team. We value curiosity, humility, and a willingness to learn, with an emphasis on impact at scale in a rapidly growing tech company.
Diversity & Inclusion
TikTok is committed to an inclusive space where employees are valued for their skills and perspectives. We celebrate diverse voices to reflect the communities we reach.
TikTok Accommodation
TikTok provides reasonable accommodations in our recruitment processes for candidates with disabilities or other protected reasons. If you need assistance or a reasonable accommodation, please contact us at the provided accommodation link.
Job Information
Compensation and benefits vary by location. Base pay is part of the total package and may include bonuses, stock units, and other incentives. Benefits typically include health insurance, retirement plans, parental leave, disability coverage, life insurance, and paid time off. Details are provided during recruitment and may change over time.
We reserve the right to modify or change these programs at any time, with or without notice.
For applicants in Los Angeles County (unincorporated): Qualified applicants with arrest or conviction records will be considered in accordance with applicable laws, including the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act. Statements regarding criminal history relate to job duties and potential impact on responsibilities, not to exclusion from consideration.
#J-18808-Ljbffr