Data Protection & Privacy Operation Specialist - USDS
Apply NowCompany: TikTok
Location: Los Angeles, CA 90011
Description:
Responsibilities
About the Team
The USDS Privacy and Integrated Security team is responsible for overseeing and governing all activities of privacy impacts to TikTok USDS' operations. We address complex and cutting-edge challenges, aiming to build the world's most trusted social media platform. We partner with TikTok global legal, R&D, Privacy and Data Protection Office, and security organizations in advancing our privacy practices. We oversee, govern and support the integration and optimization of operational privacy capabilities including data inventory, data classification, data retention/deletion, and incident response, etc., to ensure scalable and compliant privacy and data protection practices.
In order to enhance collaboration and cross-functional partnerships, among other things, at this time, our organization follows a hybrid work schedule that requires employees to work in the office 3 days a week, or as directed by their manager/department. We regularly review our hybrid work model, and the specific requirements may change at any time.
We seek a highly motivated, experienced, and dynamic professional to join our team. This is an opportunity to work on the most innovative platform in the industry, strengthening security and privacy, in our mission to Inspire Creativity and Enrich Lives. The Privacy and Data Compliance Specialist plays an important role in advancing our privacy practices at USDS, through aligning USDS privacy practice with the global privacy compliance framework (PCF), working closely with global legal, R&D, Privacy and Data Protection Offices (PDPO) as well as USDS privacy operation teams. The ideal candidate will have a strong background in privacy compliance assessment, a deep understanding of privacy control mechanisms at the technical layers, and a passion for privacy considerations from an end-user perspective. Initially reporting to the Head of Privacy and Integrated Security, the reporting structure may evolve as the capability grows.
Reporting to: Data Protection and Privacy Strategist within the Department of Privacy and Integrated Security. The reporting structure may evolve as the program capability grows.
Responsibilities
- Privacy Program Execution: Support the operationalization of privacy principles and data handling requirements within TikTok USDS.
- Data Deletion & Lifecycle Management: Coordinate with engineering and data governance teams to ensure timely and secure deletion of U.S. user data when no longer needed.
- Privacy by Design: Collaborate with product, engineering, and security teams to integrate privacy requirements into TikTok's infrastructure, data flows, and features.
- Process Optimization & Automation: Support automation initiatives to streamline data governance workflows, reduce manual efforts, and improve privacy controls.
- Documentation & Policy Enforcement: Maintain and update privacy guidelines, operational procedures, and governance frameworks for TikTok USDS.
- Training & Awareness: Help develop and deliver privacy education materials to increase internal awareness of data handling requirements.
- Metrics & Reporting: Assist in tracking privacy-related KPIs, compliance trends, and reporting insights to leadership.
- As a new program, team members may be assigned special projects or additional responsibilities to support the program's growth and objectives. These tasks will be aligned with the employee's skill set, growth potential, and experience and may vary based on the evolving business needs.
Qualifications
Minimum Qualifications
- Bachelor's degree in information systems, data science, computer science, information management, or a related field.
- 4+ years of experience in privacy operations, product management, data management or a related technical/operational role.
- Excellent fundamental knowledge of industry standards frameworks (NIST Privacy Framework, ISO 27001, ISO/IEC 27701, NIST RMF, ISO 31000, IAPP guidelines, etc.)
- Detail-oriented with strong organizational and documentation skills along with Understanding of privacy principles such as data minimization, retention, deletion, and discovery.
- Experience working with structured and unstructured data, including data inventory, mapping, and classification. Must be adaptable and able to navigate through ambiguity and vagueness within a large complex organization.
Preferred Qualifications
- Experience working with privacy-enhancing technologies, data governance tools, or automation solutions.
- Familiarity with cloud environments (e.g., AWS, GCP), databases, and data security best practices.
- Hands-on experience implementing data lifecycle management policies.
- Basic knowledge of U.S. data security laws and regulatory requirements (e.g., CPRA, FTC guidelines, U.S. government security frameworks).
- Relevant certifications (e.g., CIPT, CIPP/US, CDPSE, or data governance credentials) are a plus.
About the Team
The USDS Privacy and Integrated Security team is responsible for overseeing and governing all activities of privacy impacts to TikTok USDS' operations. We address complex and cutting-edge challenges, aiming to build the world's most trusted social media platform. We partner with TikTok global legal, R&D, Privacy and Data Protection Office, and security organizations in advancing our privacy practices. We oversee, govern and support the integration and optimization of operational privacy capabilities including data inventory, data classification, data retention/deletion, and incident response, etc., to ensure scalable and compliant privacy and data protection practices.
In order to enhance collaboration and cross-functional partnerships, among other things, at this time, our organization follows a hybrid work schedule that requires employees to work in the office 3 days a week, or as directed by their manager/department. We regularly review our hybrid work model, and the specific requirements may change at any time.
We seek a highly motivated, experienced, and dynamic professional to join our team. This is an opportunity to work on the most innovative platform in the industry, strengthening security and privacy, in our mission to Inspire Creativity and Enrich Lives. The Privacy and Data Compliance Specialist plays an important role in advancing our privacy practices at USDS, through aligning USDS privacy practice with the global privacy compliance framework (PCF), working closely with global legal, R&D, Privacy and Data Protection Offices (PDPO) as well as USDS privacy operation teams. The ideal candidate will have a strong background in privacy compliance assessment, a deep understanding of privacy control mechanisms at the technical layers, and a passion for privacy considerations from an end-user perspective. Initially reporting to the Head of Privacy and Integrated Security, the reporting structure may evolve as the capability grows.
Reporting to: Data Protection and Privacy Strategist within the Department of Privacy and Integrated Security. The reporting structure may evolve as the program capability grows.
Responsibilities
- Privacy Program Execution: Support the operationalization of privacy principles and data handling requirements within TikTok USDS.
- Data Deletion & Lifecycle Management: Coordinate with engineering and data governance teams to ensure timely and secure deletion of U.S. user data when no longer needed.
- Privacy by Design: Collaborate with product, engineering, and security teams to integrate privacy requirements into TikTok's infrastructure, data flows, and features.
- Process Optimization & Automation: Support automation initiatives to streamline data governance workflows, reduce manual efforts, and improve privacy controls.
- Documentation & Policy Enforcement: Maintain and update privacy guidelines, operational procedures, and governance frameworks for TikTok USDS.
- Training & Awareness: Help develop and deliver privacy education materials to increase internal awareness of data handling requirements.
- Metrics & Reporting: Assist in tracking privacy-related KPIs, compliance trends, and reporting insights to leadership.
- As a new program, team members may be assigned special projects or additional responsibilities to support the program's growth and objectives. These tasks will be aligned with the employee's skill set, growth potential, and experience and may vary based on the evolving business needs.
Qualifications
Minimum Qualifications
- Bachelor's degree in information systems, data science, computer science, information management, or a related field.
- 4+ years of experience in privacy operations, product management, data management or a related technical/operational role.
- Excellent fundamental knowledge of industry standards frameworks (NIST Privacy Framework, ISO 27001, ISO/IEC 27701, NIST RMF, ISO 31000, IAPP guidelines, etc.)
- Detail-oriented with strong organizational and documentation skills along with Understanding of privacy principles such as data minimization, retention, deletion, and discovery.
- Experience working with structured and unstructured data, including data inventory, mapping, and classification. Must be adaptable and able to navigate through ambiguity and vagueness within a large complex organization.
Preferred Qualifications
- Experience working with privacy-enhancing technologies, data governance tools, or automation solutions.
- Familiarity with cloud environments (e.g., AWS, GCP), databases, and data security best practices.
- Hands-on experience implementing data lifecycle management policies.
- Basic knowledge of U.S. data security laws and regulatory requirements (e.g., CPRA, FTC guidelines, U.S. government security frameworks).
- Relevant certifications (e.g., CIPT, CIPP/US, CDPSE, or data governance credentials) are a plus.