Responsibilities

The mission of Tik Tok's Global Security Organization is to build and earn trust by reducing risk and securing our businesses and products. Also known as "GSO", this team is the foundation of our efforts to keep Tik Tok safe, secure, and operating at scale for over 1 billion people around the world. We work to ensure that the Tik Tok platform is safe and secure, that our users' experience and their data remains safe from external or internal threats, and that we comply with global regulations wherever Tik Tok operates.

• Trust is one of Tik Tok's biggest initiatives, and security is integral to our success. In whatever ways users interact with us - whether they're watching videos on their For You page, interacting with a Live video, or buying products on Tik Tok Shop
• GSO protects their data and privacy, so they can have a secure and trustworthy experience.

As a direct report to the GSO Client Service Lead, you will become an integral member of a dynamic, global team tasked with managing client security inquiries to support deal negotiations. In addition to this, our team oversees the contract review process, working in close partnership with legal teams to ensure the seamless integration of security terms within agreements. We are also responsible for responding to data protection assessments from our API integration partners, ensuring that all data security and privacy concerns are thoroughly addressed. Our team fosters strong collaboration with cross-functional stakeholders across the organization to align on security best practices, maintain robust client relationships, and uphold the highest standards of security and compliance.

We are working on a hybrid schedule, with an expected 3 days a week in office. We are continuously reviewing our hybrid-working model and requirements are subject to change at any time.

Key Responsibilities

• Independently monitor, manage and respond to external security RFIs to include partner integration security related requests, data protection assessments, and client inquiries, ensuring that responses to the questionnaires are not only prompt, thorough, and accurate but also strategically aligned with our broader security objectives.
• Respond to and handle urgent external security inquiries, requiring cross-functional coordination of responses.
• Drive the development, management, and systematic updating of internal repository, ensuring that they are periodically updated with accuracy.
• Utilize advanced analytics to assess metrics and generate comprehensive reports that provide actionable insights into the effectiveness of the partner integration question repository, informing strategic decision-making at the senior level.
• Lead continuous improvement initiatives within the trust function, identifying process inefficiencies and implementing innovative solutions to drive operational excellence and support organizational growth.
• Engage in ad-hoc projects or other operational work as required.

Qualifications

Minimum Qualifications

• Proven experience in managing the security questionnaire process, ensuring responses are accurate, timely, and aligned with broader risk management objectives.
• Excellent written and verbal communication skills, capable of translating complex technical information into clear, actionable insights for both technical and non-technical stakeholders, including senior leadership.
• A collaborative contributor who thrives in a fast-paced, cross-functional team environment, adept at managing relationships across legal, compliance, product, and engineering teams.
• Solid foundational understanding of security and customer trust concepts, with the ability to apply these principles effectively within an evolving digital landscape.
• Proven ability to manage multiple priorities and projects while demonstrating successful and on-time outcomes consistently, underpinned by strong organizational and time management skills.

Preferred Qualifications

• 5+ years of cybersecurity, GRC, and/or technical compliance roles.
• Industry relevant certification (CISSP, CISA, Security+, etc.)
• Exceptional attention to detail and advanced analytical skills, with a demonstrated ability to leverage data for trend identification and to drive strategic decision-making.
• Accustomed to working in a highly dynamic, startup-like environment. Adaptable to changing and/or emerging priorities.
• Experience balancing security leading practice with business objectives.