TikTok
Responsibilities
PDPO (Privacy and Data Protection Office) is the organization that leads, supervises, and empowers all TikTok privacy work in an accountable and industry‑leading way. This team is the expert in the landscape of privacy risks and is passionate about consulting across the company on implementing the proper safeguards and technical mitigations to ensure our users’ privacy is honored across TikTok’s products and platforms.
Our mission is to protect personal data and privacy for billions of users on the TikTok platform, allowing them to explore, create, and connect with trust. On the path of constructing and consolidating a reliable and resilient tool, framework, architecture, and relative workflow, you will face challenges of ensuring high quality and stability with global multi‑datacenter deployment, high‑concurrency microservices, and global cooperation.
Privacy and security assessment on TikTok’s data protection system to find both privacy and security issues that can affect user data.
Build data protection system threat model to summarise the overall data leakage risks and help engineering teams strengthen the protection system.
Advanced privacy and security topics research.
Qualifications Minimum Qualifications
Experience with web system penetration testing, vulnerability research, and data privacy understanding, including the ability to complete vulnerability finding and verification independently.
Understanding of common web application framework architecture, cloud service architecture, and data storage system architecture, with practical penetration experience on actual web or data protection systems.
Experience with common testing frameworks and tools to perform security testing (e.g., Burp Suite, sqlmap, any SAST or DAST tools).
Five or more years of coding experience in one of the following programming languages: Golang, Python, Java, C/C++.
Five or more years of work experience in web security or data security.
B.S. or M.S. in Computer Science or a relevant certification.
Preferred Qualifications
Public research or papers in privacy or security communities and conferences.
Public CVE ownership or bug bounty hall of fame nomination.
Top winners of well‑known CTF competitions.
About TikTok TikTok is the leading destination for short‑form mobile video. Our mission is to inspire creativity and bring joy. TikTok’s global headquarters are in Los Angeles and Singapore, with additional offices in New York City, London, Dublin, Paris, Berlin, Dubai, Jakarta, Seoul, and Tokyo.
Why Join Us Inspiring creativity is at the core of TikTok’s mission. Our innovative product is built to help people authentically express themselves, discover, and connect. Our global, diverse teams make that possible. We lead with curiosity, humility, and a desire to make an impact in a rapidly growing tech company. Every challenge is an opportunity to learn and innovate as one team. We are resilient and embrace challenges, constantly iterating with an “Always Day 1” mindset to achieve meaningful breakthroughs for ourselves, our company, and our users. Join us to explore limitless possibilities.
Diversity & Inclusion TikTok is committed to creating an inclusive space where employees are valued for their skills, experiences, and unique perspectives. We celebrate diverse voices and aim to create an environment reflecting the many communities we reach.
Accommodation TikTok is committed to providing reasonable accommodations in our recruitment processes for candidates with disabilities, pregnancy, sincerely held religious beliefs, or other reasons protected by applicable laws. If you need assistance or a reasonable accommodation, please reach out to us at
https://tinyurl.com/RA-request .
Job Information For Pay Transparency:
Compensation Description (Annually)
The base salary range for this position in the selected city is $187,040 – $359,720 annually. Compensation may vary outside of this range based on a candidate’s qualifications, skills, competencies and experience, and location. Base pay is one part of the total package that compensates and recognizes employees. This role may be eligible for additional discretionary bonuses/incentives and restricted stock units.
Benefits may vary depending on the nature of employment and the country of work location. Employees receive day‑one access to medical, dental, and vision insurance, a 401(k) plan with company match, paid parental leave, short‑term and long‑term disability coverage, life insurance, wellbeing benefits, and more. Employees also receive 10 paid holidays per year, 10 paid sick days per year, and 17 days of paid personal time (prorated upon hire with increasing accruals by tenure).
The Company reserves the right to modify or change these benefits programs at any time, with or without notice.
For Los Angeles County (unincorporated) Candidates: Qualified applicants with arrest or conviction records will be considered for employment in accordance with all federal, state, and local laws, including the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act. Criminal history may be a direct, adverse, and negative factor affecting the following job duties: interacting with clients, handling confidential information, and exercising sound judgment.
Seniority level Mid-Senior level
Employment type Full‑time
Job function Engineering and Information Technology
Industries Technology, Information and Internet
#J-18808-Ljbffr
Our mission is to protect personal data and privacy for billions of users on the TikTok platform, allowing them to explore, create, and connect with trust. On the path of constructing and consolidating a reliable and resilient tool, framework, architecture, and relative workflow, you will face challenges of ensuring high quality and stability with global multi‑datacenter deployment, high‑concurrency microservices, and global cooperation.
Privacy and security assessment on TikTok’s data protection system to find both privacy and security issues that can affect user data.
Build data protection system threat model to summarise the overall data leakage risks and help engineering teams strengthen the protection system.
Advanced privacy and security topics research.
Qualifications Minimum Qualifications
Experience with web system penetration testing, vulnerability research, and data privacy understanding, including the ability to complete vulnerability finding and verification independently.
Understanding of common web application framework architecture, cloud service architecture, and data storage system architecture, with practical penetration experience on actual web or data protection systems.
Experience with common testing frameworks and tools to perform security testing (e.g., Burp Suite, sqlmap, any SAST or DAST tools).
Five or more years of coding experience in one of the following programming languages: Golang, Python, Java, C/C++.
Five or more years of work experience in web security or data security.
B.S. or M.S. in Computer Science or a relevant certification.
Preferred Qualifications
Public research or papers in privacy or security communities and conferences.
Public CVE ownership or bug bounty hall of fame nomination.
Top winners of well‑known CTF competitions.
About TikTok TikTok is the leading destination for short‑form mobile video. Our mission is to inspire creativity and bring joy. TikTok’s global headquarters are in Los Angeles and Singapore, with additional offices in New York City, London, Dublin, Paris, Berlin, Dubai, Jakarta, Seoul, and Tokyo.
Why Join Us Inspiring creativity is at the core of TikTok’s mission. Our innovative product is built to help people authentically express themselves, discover, and connect. Our global, diverse teams make that possible. We lead with curiosity, humility, and a desire to make an impact in a rapidly growing tech company. Every challenge is an opportunity to learn and innovate as one team. We are resilient and embrace challenges, constantly iterating with an “Always Day 1” mindset to achieve meaningful breakthroughs for ourselves, our company, and our users. Join us to explore limitless possibilities.
Diversity & Inclusion TikTok is committed to creating an inclusive space where employees are valued for their skills, experiences, and unique perspectives. We celebrate diverse voices and aim to create an environment reflecting the many communities we reach.
Accommodation TikTok is committed to providing reasonable accommodations in our recruitment processes for candidates with disabilities, pregnancy, sincerely held religious beliefs, or other reasons protected by applicable laws. If you need assistance or a reasonable accommodation, please reach out to us at
https://tinyurl.com/RA-request .
Job Information For Pay Transparency:
Compensation Description (Annually)
The base salary range for this position in the selected city is $187,040 – $359,720 annually. Compensation may vary outside of this range based on a candidate’s qualifications, skills, competencies and experience, and location. Base pay is one part of the total package that compensates and recognizes employees. This role may be eligible for additional discretionary bonuses/incentives and restricted stock units.
Benefits may vary depending on the nature of employment and the country of work location. Employees receive day‑one access to medical, dental, and vision insurance, a 401(k) plan with company match, paid parental leave, short‑term and long‑term disability coverage, life insurance, wellbeing benefits, and more. Employees also receive 10 paid holidays per year, 10 paid sick days per year, and 17 days of paid personal time (prorated upon hire with increasing accruals by tenure).
The Company reserves the right to modify or change these benefits programs at any time, with or without notice.
For Los Angeles County (unincorporated) Candidates: Qualified applicants with arrest or conviction records will be considered for employment in accordance with all federal, state, and local laws, including the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act. Criminal history may be a direct, adverse, and negative factor affecting the following job duties: interacting with clients, handling confidential information, and exercising sound judgment.
Seniority level Mid-Senior level
Employment type Full‑time
Job function Engineering and Information Technology
Industries Technology, Information and Internet
#J-18808-Ljbffr