As the leading destination for short-form mobile video, TikTok’s mission is to inspire creativity and bring joy.
TikTok is the leading destination for short-form mobile video. Our mission is to inspire creativity and bring joy. TikTok has global offices, including Los Angeles, New York, London, Paris, Berlin, Dubai, Mumbai, Singapore, Jakarta, Seoul, and Tokyo.
The Global Security Organization provides industry leading security and privacy services to TikTok globally. Our organization uses four principles that guide our strategic and tactical operations. First, we champion trust and transparency, leading the charge in organizational transparency and execution of security and privacy capabilities that drive customer trust. Second, we are a business catalyst and enabler, embodying the DNA of technical innovation. Third, We drive risk informed and empowered decision making, giving our business leaders the information needed to make key decisions. Finally, we proactively identify and reduce risk while enabling innovative product development – to consistently build sustainable world-class security capabilities.
The Security & Threat Solutions Architect is responsible for performing day to day security & risk controls analysis to identify appropriate controls requirements and associated specifics needed to suppport the area of focus they are assigned to. This work will require the creation of threat models, risk analysis output, compliance framework reviews/alignments, and business process reviews to identify, document, and generate the appropriate controls requirements. This role requires specific past expertise with security standards framework alignment, threat modeling, security architecture design, and engineering implementation experience.
• Analyzes threats from a security/risk perspective to develop robust security & risk controls requirements to mitigate the risks or threats posed.
• Works with engineering teams to coordinate assignment/turnover of security control requirements to appropriate organizations for implementation.
• Work with Security Controls Verification team to vet controls assurance verification tests/routines to validate appropriate intent/manifestation.
• Documents appropriate controls requirements work in the organization’s tracking & management platform.
Knowledge and Skills
• Excellent analytical and problem-solving skills
• Excellent communication skills (verbal and written), ability to influence without authority
• Ability to balance risks in ambiguous and complex situations
• Demonstrated teamwork and collaboration skills, in particular in contributing to global and multi-functional teams
• Highly motivated to contribute and grow within a complex area of emerging importance
• Understanding of design for software applications running on multiple platforms
• Demonstrates excellent organizational direction, time management, problem-solving, prioritization, goal setting, leadership, motivation, negotiation, and interpersonal relations
• Works well under pressure and within time/budget constraints to solve problems or meet objectives
• Excellent fundamental knowledge of industry standard security frameworks
• Strong analytical/problem solving skills and cross functional knowledge across multiple IT operational and security disciplines
• Ability to communicate technical concepts to a broad range of technical and non-technical staff
• Must possess a high degree of integrity, be trustworthy, and have the ability to lead and inspire change
• Bachelors’ Degree or industry equivalent work experience in international security architecture or engineering in a large multi-national security program
• CISSP certification and 5+ years applicable experience
• Candidates should be an very proficient in Windows, *nix environments, Cloud Platforms (GCP and AWS preferred) as well as Kubernetes/Docker
• Advanced understanding of TCP/IP and network communications
• Advanced systems and network administration skills
• Advanced proficiency in designing, deploying and maintaining security architectures in enterprise class organizations
• Advanced proficiency in computer security incident handling and the Advanced Persistent Threats
• In depth knowledge of computer security forensics and security vulnerabilities
TikTok is committed to creating an inclusive space where employees are valued for their skills, experiences, and unique perspectives. Our platform connects people from across the globe and so does our workplace. At TikTok, our mission is to inspire creativity and bring joy. To achieve that goal, we are committed to celebrating our diverse voices and to creating an environment that reflects the many communities we reach. We believe individuals shouldn’t be disadvantaged because of their background or identity, but instead should be considered based on their strengths and experience. We are passionate about this and hope you are too.