Security Compliance Engineer

About the Company Founded in 2012, ByteDance's mission is to inspire creativity and enrich life. With a suite of more than a dozen products, including TikTok, Helo, and Resso, as well as platforms specific to the China market, including Toutiao, Douyin, and Xigua, ByteDance has made it easier and more fun for people to connect with, consume, and create content. Why Join Us Creation is the core of ByteDance's purpose. Our products are built to help imaginations thrive. This is doubly true of the teams that make our innovations possible. Together, we inspire creativity and enrich life - a mission we aim towards achieving every day. To us, every challenge, no matter how ambiguous, is an opportunity; to learn, to innovate, and to grow as one team. Status quo? Never. Courage? Always. At ByteDance, we create together and grow together. That's how we drive impact - for ourselves, our company, and the users we serve. Join us. About the Team As a part of ByteDance's Security Department, the Security Governance and Compliance team plays a pivotal role in supporting various business lines. This involves offering expertise in security governance and compliance by implementing robust information security management systems. The team is dedicated to tailoring solutions that address key aspects such as data security, privacy protection, and regulatory compliance. Moreover, they actively pursue and obtain a multitude of security compliance qualifications and certifications essential for the diverse business lines. Additionally, the team actively engages in shaping industry standards for security and privacy, while also conducting advanced research to anticipate and navigate future risks and opportunities. Job Description: 1. Stay abreast of the latest developments of laws, regulations, policies and information security standards related to Network Security, Data Security and Data protection. Ensure timely updates and maintenance of the internal information security management system. 2. Apply for information security certifications such as ISO 27001, SOC and PCI for our products. 3. Advocate for and oversee the implementation of security compliance and privacy protection requirements. Promptly address and rectify any non-compliant items. 4. Validate and verify that the organization's security controls meet industry requirements. Conduct thorough examinations of processes, systems, policies, procedures, network diagrams, and system configurations. 5. Monitor business activities through collaborating with cross-functional team leaders to guarantee ongoing compliance with external certifications.

Minimum Qualifications: 1. More than 3 years of relevant experience in managing ISO 27001:2022, SOC 2 audit, and compliance programs within a global organizational setting. 2. Demonstrate extensive knowledge and hands-on experience with cybersecurity frameworks, such as ISO 27001, PCI-DSS, SOC 2, and other relevant regulatory requirements. 3. Exhibit excellent communication skills, logical reasoning abilities. 4. Maintain a composed demeanor, showcasing a robust commitment to continuous learning and a collaborative, team-oriented mindset. 5. Display self-driven and results-oriented attributes, enjoy challenging tasks, demonstrate a genuine enthusiasm for work, and work well under pressure. Preferred Qualifications: 1. Experience in ISO management systems, SOC audit, and PCI certification is preferred. 2. Relevant industry certifications such as CISM, CISA, CISSP is preferred. ByteDance is committed to creating an inclusive space where employees are valued for their skills, experiences, and unique perspectives. Our platform connects people from across the globe and so does our workplace. At ByteDance, our mission is to inspire creativity and enrich life. To achieve that goal, we are committed to celebrating our diverse voices and to creating an environment that reflects the many communities we reach. We are passionate about this and hope you are too.