Data Protection and Sovereignty Technical Program Manager

TikTok is the leading destination for short-form mobile video. At TikTok, our mission is to inspire creativity and bring joy. TikTok's global headquarters are in Los Angeles and Singapore, and we also have offices in New York City, London, Dublin, Paris, Berlin, Dubai, Jakarta, Seoul, and Tokyo.

Inspiring creativity is at the core of TikTok's mission. Our innovative product is built to help people authentically express themselves, discover and connect – and our global, diverse teams make that possible. Together, we create value for our communities, inspire creativity and bring joy - a mission we work towards every day.

We strive to do great things with great people. We lead with curiosity, humility, and a desire to make impact in a rapidly growing tech company. Every challenge is an opportunity to learn and innovate as one team. We're resilient and embrace challenges as they come. By constantly iterating and fostering an "Always Day 1" mindset, we achieve meaningful breakthroughs for ourselves, our company, and our users. When we create and grow together, the possibilities are limitless. Join us.

TikTok is committed to creating an inclusive space where employees are valued for their skills, experiences, and unique perspectives. Our platform connects people from across the globe and so does our workplace. At TikTok, our mission is to inspire creativity and bring joy. To achieve that goal, we are committed to celebrating our diverse voices and to creating an environment that reflects the many communities we reach. We are passionate about this and hope you are too.

Team introduction: The mission of TikTok's Privacy & Security Engineering organization is to build creative and best-in-class privacy and security solutions that enable our business to scale in a responsible manner, and with a global mindset. Also known as "PnS", the organization, and our Data Protection Solutions team in PnS, strives to tackle the most difficult problems that our business faces in the security and privacy spaces. With an approach that is sustainable, scalable, and pragmatic - no problem is too big or too small.

• Provide technical strategy and management for Data Sovereignty programs regionally, which include cross‑functional security projects across multiple organizations and external providers, to implement programs that meet the organization's Information Security standards, the assurance objectives of third parties, and regional regulatory requirements
• Deliver operational security services and solutions which include but are not limited to: Program Management, Vendor Management, Secure Code Review, Security Monitoring, Network Monitoring, Vulnerability Management, Incident Response, and other traditional security disciplines
• Executive leadership communications (provide appropriate updates/recommendations regarding organization's regional security posture) and reporting (prepare and present high‑level security reports that clearly and effectively communicate the organization's regional security status, significant risks/issues, and external implications of security metrics)
• Stakeholder management and workstream coordination across disciplines and diverse regions/work cultures (present complex security concepts and situations to both technical and non‑technical stakeholders in a clear and comprehensible manner)
• Project planning (create and maintain project plans and roadmaps in accordance with internal and external priorities, define delivery methodologies and drive project execution) and tracking (manage various collaboration tools and dashboards to ensure accurate and timely status updates on project execution)
• Assemble and enable integrated teams with the appropriate skills for successful execution and delivery (including subject matter experts, project sponsors, and operational resources across multiple internal and external teams)

Minimum Qualifications:

• Experience driving technical cybersecurity programs from scoping to delivery at scale
• Strong understanding of Cybersecurity Managed Services, Secure Code Review and Vulnerability Management, Access Management, Network Monitoring, Security Operations and Incident Response, and Cybersecurity and Compliance Frameworks (NIST, ISO, PCI, etc.)
• Strong analytical, organizational, and interpersonal skills, combined with excellent verbal and written communication skills
• Significant experience engaging with third‑parties or external stakeholders, such as client‑facing support or management of contractor relationships
• Experience operating autonomously and leading across multiple teams, with stakeholders in different disciplines across time zones

Preferred Qualifications：

• Bachelors’ Degree or industry equivalent work experience
• Minimum 5 years experience working in cybersecurity, or privacy program management
• Relevant certifications:
  • CISSP
  • CISM
  • PMP
• Understanding of privacy risk, data protection, or a related field, with a proven track record of executing privacy programs
• Understanding of global data protection laws and regulations, including GDPR, CCPA, and industry‑specific regulations.
• Ability to work collaboratively in a team environment and to engage with stakeholders at all levels of the organization.
• Demonstrated ability to work effectively in environments of ambiguity and constant change.