Team Intro The USDS Privacy and Integrated Security team is responsible for overseeing and governing all activities of privacy impacts to TikTok USDS' operations. - We address complex and cutting-edge challenges, aiming to build the world's most trusted social media platform. - We partner with TikTok global legal, R&D, Privacy and Data Protection Office, and security organizations in advancing our privacy practices. - We oversee, govern and support the integration and optimization of operational privacy capabilities including data inventory, data classification, data retention/deletion, and incident response, etc., to ensure scalable and compliant privacy and data protection practices. We seek a highly motivated, experienced, and dynamic professional to join our team. This is an opportunity to work on the most innovative platform in the industry, strengthening security and privacy, in our mission to Inspire Creativity and Enrich Lives. In order to enhance collaboration and cross-functional partnerships, among other things, at this time, our organization follows a hybrid work schedule that requires employees to work in the office 3 days a week, or as directed by their manager/department. We regularly review our hybrid work model, and the specific requirements may change at any time. As a direct report to the Head of Privacy and Integrated Security Department, the Privacy Program Manager, is a program leader at the forefront of ensuring adherence to privacy regulations and building trust on the TikTok US platform. You will play a pivotal role in overseeing and supporting the USDS privacy program under the broad security, privacy and compliance context. You will collaborate with global and US cross-functional teams to lead and facilitate privacy program objectives, and measure the impact of our strategic decisions and operational executions on the privacy posture of the TikTok US platform. The ideal candidate possesses a robust understanding of security, privacy, and technical solutions. They understand how solutions fit into operations, be able to drive GAP analysis, be able to drive solution integration and the maturity of operational capabilities. Responsibilities - Collaborate with global PDPO and USDS teams to ensure alignment with the global privacy compliance framework (PCF). Promote the global framework within USDS operating arms. - Actively support privacy compliance assessments, identifying gaps in the alignment of operations with the global Privacy Compliance Framework (PCF), including privacy controls and safeguards across a broad spectrum of products. - Based on identified gaps, draft and implement necessary policies, processes, and Standard Operating Procedures (SOPs) to formalize privacy practice and improve privacy operations at USDS, continuously improving USDS privacy posture while contributing to the broader global privacy framework. - Drive and support privacy risk analysis with a focus on driving risk reduction. Provide actionable recommendations to mitigate identified risks and enhance privacy posture. - Support the management and communication of privacy risk findings and mitigation strategies with partner teams and leadership - Build strong relationships with global and US stakeholders. Build rapport with R&D/PDPO and USDS privacy operations. Champion privacy best practices of global impacts and integrate them into USDS operations. - Demonstrate empathy towards business and engineering cost considerations while advocating robust privacy practices. - Develop impactful metrics, measure the coverage and effect of the US privacy program. - Engage in special projects and additional responsibilities may be needed as the team expands and capabilities are enhanced.
Minimum Qualifications - Bachelor's degree in Computer Science, Information Security, or a related field. Candidates with significant relevant experience in security, privacy and data protection fields will also be considered in lieu of a formal degree. - 5+ years of experience in leading or managing technical projects. Ability to collaborate effectively with and influence cross-functional stakeholders. - Strong understanding of privacy frameworks (e.g., GDPR, CCPA), privacy by design principles, and data protection capabilities. - Must have in-depth knowledge of security-in-depth principles as the foundation of privacy controls. Ability and willingness to explore security mechanisms in building and integrating privacy controls. - Strategic thinking and problem-solving abilities. Excellent communication and interpersonal skills, with the ability to build strong relationships with diverse stakeholders. - Must be adaptable and able to navigate through ambiguity and vagueness within a large complex organization. Preferred Qualifications - Experience in the social media industry. - Experience in a global R&D setting - Knowledge of data governance - Certifications such as CISSP, CDPSE, CIPT, CIPP, CIPM
Read Full Description