Product Security Operation Specialist - Governance, Global Security Organisation

TikTok

4.5

(6)

Singapore

Why you should apply for a job to TikTok:

4.5/5 in overall job satisfaction

4.5/5 in supportive management

100% say women are treated fairly and equally to men

100% would recommend this company to other women

100% say the CEO supports gender diversity

Ratings are based on anonymous reviews by Fairygodboss members.

Employee well-being is supported via hybrid work, short-term counseling through our EAP and a premium subscription to Headspace.

We embrace diversity across all dimensions and provide employees with 9 employee resource groups globally, including our WOMEN ERG.

Comprehensive parental leave policy as well as fertility treatment through healthcare providers with a $20,000 lifetime maximum.

#7511195805853436178

Position summary

hy experience.

About This Role:
SecOps Validation Team (STOV) is responsible for the tools and technologies that support the TikTok infrastructure. STOV oversees technical validation, security operations, and drives engineering enhancements, including the deployment, configuration, and maintenance of security technologies across various domains.
The role will be responsible for design and development of Product Security technical controls required by security policy and regulations. The validation targets include product security of TikTok product family and Secure SDLC process. It will provide a solid foundation to evaluate maturity for TikTok product family and Secure SDLC. This role ensures product security governance is embedded into every stage of development, enabling scalable compliance while fostering collaboration across teams.

Responsibilities:

Establish and operate a governance committee, aligning cross-functional stakeholders to define unified process strategies.
Develop and implement accountability frameworks (e.g., RACI) to clarify roles, validation mechanisms, and execution ownership across the product security lifecycle.
Design and maintain a centralized inventory of product security controls, documenting ownership, integration points, and compliance gaps.
Drive automated metrics monitoring and reporting mechanisms to ensure adherence to standards.
Embed product security validation service into business development lifecycle, maintain daily operation, and iterate process flow continuously.
Assess governance effectiveness, identify optimization opportunities, and integrate controls into existing workflows.

Qualifications

Minimum Qualifications

Bachelor's or Master's degree in Computer Science, Cybersecurity, or related fields
3+ years of experience in cybersecurity technologies or operations, including areas such as penetration testing, secure SDLC, security development, compliance, and governance.
Strong cross-functional communication and consensus-building skills; ability to drive complex initiatives.
Excellent problem-solving and analytical skills.
Excellent data analysis and insight extraction skills.

Preferred Qualifications

Proven track record in building governance committees, governance frameworks, or control inventories.
Deep knowledge of security standards (e.g., ISO 27001, NIST) and translating regulatory requirements into operational processes.
Certifications such as CISSP, CSSLP, CEH, or equivalent.