Senior Cyber Regulatory Advisor

Responsibilities
TikTok is the leading destination for short-form mobile video. Our mission is to inspire creativity and bring joy. TikTok has global offices including Los Angeles, New York, London, Paris, Berlin, Dubai, Singapore, Jakarta, Seoul and Tokyo.

Why Join Us
Creation is the core of TikTok's purpose. Our platform is built to help imaginations thrive. This is doubly true of the teams that make TikTok possible.
Together, we inspire creativity and bring joy - a mission we all believe in and aim towards achieving every day.
To us, every challenge, no matter how difficult, is an opportunity; to learn, to innovate, and to grow as one team. Status quo? Never. Courage? Always.
At TikTok, we create together and grow together. That's how we drive impact - for ourselves, our company, and the communities we serve.
Join us.

The Global Security Organization provides industry-leading cyber-security and business protection services to TikTok globally. Our organization employs four principles that guide our strategic and tactical operations. Firstly, we Champion Transparency & Trust by leading the charge in organizational transparency, prioritizing customer trust, and placing user needs first. Secondly, we aim to maintain Best in Class Global Security by proactively identifying and reducing risks while enabling innovative product development. We constantly work towards a sustainable world-class security capability. Thirdly, we strive to be a Business Catalyst & Enabler by embodying the DNA of technical innovation and ensuring our Global Security operations are fast and agile. Finally, we Drive Empowered & Risk-Informed Decision Making by providing our leaders with the necessary information to make agile decisions based on risk. In order to enhance collaboration and cross-functional partnerships, our organization follows a hybrid work schedule that requires employees to work in the office for 2 to 3 days a week, as directed by their manager. We regularly review our hybrid work model, and the specific requirements may change at any time.

**Roles and Responsibilities**:
Demonstrated Ability to Implement and Uphold Security Practices:

- Work with various risk and controls teams to conduct regular maturity and control assessments to evaluate and report on the current state of security programs, determine their desired objectives, and formulate strategies to achieve them. Ensure that results of these activities are communicated and reported effectively and efficiently to executive leadership to help ensure mitigation.
- Remain informed about forthcoming security obligations, compliance requirements, and relevant laws and regulations, and facilitate their integration within the strategic planning processes.
- Work cross-functionally and with various partners to develop clear, centralized, and easily accessible documentation to evidence critical security programs, decisions, organizations, and functions.

**External Communications and Reporting**:

- Serve and meet as the primary cyber advisor between TikTok's Global Security Organization and external regulators, government bodies and think-tanks on TikTok's global cyber security effort progress and programs.

**Visibility and Reporting**:

- Work with various security partners to understand and develop visibility and reporting into the scope and limitations of current security programs. This will include transparent reporting of inclusions and exclusions. Work to obtain buy-in from senior leadership and build strategies to enhance visibility.

**Organizational Culture and Advocacy**:

- Work with various areas of security and with executive leadership to help cultivate an organizational culture that prioritizes vigilance, open communication, and adherence to the company's security standards and policies.

**Qualifications**:
**Minimum Qualifications**:

- Proven experience in meeting with regulators, government bodies and industry think-tanks in communicating cyber security program efforts
- Partnering with internal counsel and government affairs teams to socialize the progress of a company's cyber security program
- Board of Director and/or Board Audit Committee reporting, regulatory reporting, metrics and OKR management, security governance, compliance, and risk management
- Strong understanding of security, engineering and data protection concepts, industry standards and regulations.
- Excellent communication and leadership skills including proven experience collaborating with an internationally-based team
- Flexibility to proactively address tasks and projects as they arise.
- Ability to work independently and travel internationally as needed.

**Preferred Qualifications**:

- 15+ years in the design, build and operation of global cybersecurity programs and cyber risk management
- Higher degree in a related field (e.g., Information Security, Risk Management, etc.).
- Previous experience as a Chief Information Security Officer or Chief Privacy Officer for global c