TikTok - Los Angeles, CA

posted 3 months ago

Full-time - Entry Level
Los Angeles, CA
Computing Infrastructure Providers, Data Processing, Web Hosting, and Related Services

About the position

TikTok is the leading destination for short-form mobile video, and our mission is to inspire creativity and bring joy. U.S. Data Security (USDS) is a subsidiary of TikTok in the U.S., created to enhance focus and governance on our data protection policies and content assurance protocols to ensure the safety of U.S. users. The USDS team is dedicated to providing oversight and protection of the TikTok platform and U.S. user data, allowing millions of Americans to use TikTok for learning, earning, self-expression, and entertainment. The teams within USDS include Trust & Safety, Security & Privacy, Engineering, User & Product Ops, and Corporate Functions, all working together to fulfill this commitment.

As a Compliance Analyst within the USDS Security - Risk & Compliance team, you will play a crucial role in managing security compliance in accordance with U.S. compliance requirements and objectives. This position involves mitigating security and compliance risks while maturing USDS operations to meet compliance objectives. You will be responsible for understanding compliance requirements, reviewing data compliance issues, collaborating with various stakeholders, and establishing automated FAQs to address compliance inquiries. Your role will also include identifying security and compliance risks, acting as a compliance advisor, developing KPIs, and utilizing technology to enhance efficiency in responding to business inquiries.

This position requires a hybrid work schedule, with employees expected to work in the office three days a week, subject to change based on management direction.

Responsibilities

  • Understand USDS compliance requirements including data security and data governance, and respond to business-driven on-call inquiries.
  • Review and escalate data compliance issues as required via the on-call intake process.
  • Collaborate with TikTok USDS and Global Business Points of Contact (POCs) to discuss data sharing inquiries and provide feedback for compliant operations.
  • Establish and maintain a set of automated FAQs to address compliance-related inquiries.
  • Review and identify security and compliance risks to business units, ensuring appropriate data security procedures and products are implemented in projects and new technology.
  • Act as a compliance advisor and partner to enable business operations and Information Security groups, assisting in the implementation of data security and compliance requirements.
  • Develop and measure KPIs to manage team performance and key compliance risks impacting organizational compliance and regulatory requirements.
  • Use technology to develop automated mechanisms for responding to business inquiries more efficiently.
  • Utilize case management systems to track business inquiries and compliance assessments, facilitating regular team discussions to escalate complex data sharing inquiries.

Requirements

  • 2+ years of work experience in data security, governance programs, or related areas.
  • 2+ years of experience facilitating discussions with business stakeholders or in related client-facing roles.

Nice-to-haves

  • Fluency or proficiency in Mandarin for translating documents and compliance materials.
  • Experience with governance, risk, and compliance projects or implementing data security and governance programs.
  • Ability to communicate compliance requirements and concepts to a broad range of technical and non-technical stakeholders.
  • Experience conducting data-driven compliance assessments, including analyzing data fields and driving compliant business solutions.
  • Strong interpersonal skills, being personable, organized, and able to clearly communicate and collaborate with various stakeholders.
  • Self-motivated individual demonstrating excellent organizational direction, attention to detail, time management, prioritization, problem-solving, leadership, and negotiation skills.
  • Experience using case management, on-call, or GRC platform tools (e.g., JIRA, Archer) to triage compliance or security inquiries.
  • Familiarity with U.S. regulatory compliance requirements, privacy reporting, or other regulatory compliance reporting.
  • Experience with risk and controls frameworks including ISO 27001, NIST CSF, NIST RMF, FAIR, COBIT, ISO 31000, etc.
  • Start-up experience and one of the following certifications, or equivalent certifications: CISSP, CISA, CISM, etc.

Benefits

  • 100% premium coverage for employee medical insurance, approximately 75% for dependents, and a Health Savings Account (HSA) with a company match.
  • Dental, Vision, Short/Long term Disability, Basic Life, Voluntary Life, and AD&D insurance plans.
  • Flexible Spending Account (FSA) options for Health Care, Limited Purpose, and Dependent Care.
  • 10 paid holidays per year plus 17 days of Paid Personal Time Off (PPTO) (prorated upon hire and increased by tenure) and 10 paid sick days per year.
  • 12 weeks of paid Parental leave and 8 weeks of paid Supplemental Disability.
  • Mental and emotional health benefits through EAP and Lyra.
  • 401K company match, gym, and cellphone service reimbursements.