Policies and Standards Analyst

19 Sep, 2021

Jobs

Policies and Standards Analyst

TikTok
Washington, DC
Responsibilities
TikTok is the leading destination for short-form mobile video. Our mission is to inspire creativity and bring joy. TikTok has global offices, including Los Angeles, New York, London, Paris, Berlin, Dubai, Mumbai, Singapore, Jakarta, Seoul, and Tokyo. The Global Security Organization provides industry leading security and privacy services to ByteDance globally. Our organization uses four principles that guide our strategic and tactical operations. First, we champion trust and transparency, leading the charge in organizational transparency and execution of security and privacy capabilities that drive customer trust. Second, we are a business catalyst and enabler, embodying the DNA of technical innovation. Third, We drive risk informed and empowered decision making, giving our business leaders the information needed to make key decisions. Finally, we proactively identify and reduce risk while enabling innovative product development – to consistently build sustainable world-class security capabilities. TikTok is seeking a Policies and Standards Analyst to oversee and support critical Cybersecurity, Information Assurance (IA), and Privacy Operations initiatives for Tiktok and aligned divisions. The position will be responsible for the development of policy, procedures, and standard deliverables. The candidate will also be expected to be an expert in Information Technology (IT) security and data privacy , offering recommendations on projects, programs, and initiatives to ensure compliance with Global, Federal, and Regulatory standards, policy, and IT security metrics. In addition, the candidate must be able to work with stakeholders in functional and technical arenas in support of operational program priorities. The individual should have strong communication skills and be willing to take initiative in a dynamic, collaborative, and client-facing environment. Responsibilities: – Plan, develop, and assist in the coordination and communication of new policies and procedures relevant to the implementation of security guidance and solutions – Document current state policy and procedures, research best practices, identify gaps, and develop target state for IT security oversight process – Provide Cybersecurity and Privacy Operations technical standards advisory services regarding commercial leading practices, relevant strategic initiatives, and emerging technologies/trends – Development of referential architectures and strategies, technical standards, and requirements related to information system security, privacy enfoercment operations, and product data defense projects – Communicate with both technical and functional clients regarding technical solutions and implementation approaches as appropriate – Conduct quantitative security risk analysis in cooperation with TikTok’s Integrated Risk Program – Create and execute project work plans and deliverables for the lifecyle mangment and automation of policies and standards – Estimate level of effort needed to administer and maintain the procedures associated with any recommended security initiatives – Consistently deliver high-quality services and deliverables
Qualifications
– Minimum 5 years of experience in cybersecurity environment – At least 3 years of experience in cybersecurity and privacy policy development, FISMA like activity, and IA activities – Bachelor’s degree in IA/Cybersecurity, Computer Science, Engineering, Mathematics, Management Information Systems or equivalent – Deep understanding of compliance requirements, standards, and guidelines governing security within Government (e.g., ISO, ISMS, NIST publications, FISMA, OMB memoranda) – Deep understanding of ISO 27001,27001, etc and NIST Special Publications; specifically 800-37, 800-53 rev 4, and 800-128 – Familiarity with the System Development Lifecycle (SDLC) and how to implement security into the process properly – Experience with developing IT security and privacy operations metrics to facilitate compliance with global guidelines – Ability to support daily interaction with client management about day-to-day activities and strategic direction – Excellent oral and written communication skills targeted at a variety of technical and non-technical audiences – Documentation experience with the standard MS Office Suite, Visio, Project, and SharePoint – Ability to bring innovative ideas and exercise professional judgment within defined business model, methodologies, and procedures – NIST, FISMA, OMB, SDLC – Excellent analytical and problem-solving skills – Excellent communication skills (verbal and written), ability to influence without authority – Ability to balance risks in ambiguous and complex situations – Demonstrated teamwork and collaboration skills, in particular in contributing to global and multi-functional teams – Highly motivated to contribute and grow within a complex area of emerging importance – Understanding of design for software applications running on multiple platforms – Demonstrates excellent organizational direction, time management, problem-solving, prioritization, goal setting, leadership, motivation, negotiation, and interpersonal relations – Works well under pressure and within time/budget constraints to solve problems or meet objectives – Excellent fundamental knowledge of industry standard security frameworks – Strong analytical/problem solving skills and cross functional knowledge across multiple IT operational and security disciplines – Ability to communicate technical concepts to a broad range of technical and non-technical staff – Must possess a high degree of integrity, be trustworthy, and have the ability to lead and inspire change TikTok is committed to creating an inclusive space where employees are valued for their skills, experiences, and unique perspectives. Our platform connects people from across the globe and so does our workplace. At TikTok, our mission is to inspire creativity and bring joy. To achieve that goal, we are committed to celebrating our diverse voices and to creating an environment that reflects the many communities we reach. We believe individuals shouldn’t be disadvantaged because of their background or identity, but instead should be considered based on their strengths and experience. We are passionate about this and hope you are too.
Learn more here

Job posted: 2021-09-19