Regional IT Risk & Compliance Manager, Middle East and Africa@TikTok posted 3 weeks ago
The Regional IT Risk & Compliance Manager, Middle East and Africa will work across teams at ByteDance to continue building an IT regulatory compliance program, focusing on emerging requirements in Privacy, Data protection, SOC2, ISO 27001, and regional telecom regulatory frameworks. The individual in the role will manage continuous improvement efforts and remediation plans to improve efficiency and effectiveness of IT, regulatory, data, security, and privacy controls in the EDGE / CDN Infrastructure space.
- Provide governance and oversight of IT security compliance for ByteDance EDGE Infrastructure.
- Conduct audits to identify compliance risks and develop remediation plans.
- Work in legal, GR, PR and other cross-functional teams to help in conduct risk assessments for expansion of EDGE / CDN infrastructure into new geographies.
- Develop policy, procedure, and process to ensure that IT controls are compliant with regulations and ByteDance policies.
- Act independently to ensure that compliance issues within the organization are being resolved.
- Develop and conduct audits of IT practices to identify policy violations.
- Collaborate with cross-functional teams to facilitate remediation of compliance gaps. – Serve as a point-of-contact for violations of regulations, policy, and procedures.
- Develop and maintain governance, risk, and compliance documentation.
- Serve as a SME on privacy, Data protection regulations and advise employees and management on privacy laws and specifications (e.g., GDPR, CCPA).
- Develop and oversee user security awareness and compliance training programs.
- Work with Engineering and other Cross-functional teams in creating / maintaining the Standard Operating procedures (SOPs) for compliance requirements.
- BA/BS degree, preferably in Risk Management, Business, Finance, or other quantitative field.
- 8+ years of corporate risk management, consulting, or related experience.
- Hands on experience in privacy and data protection laws and regulations (GDPR, PCI-DSS, HIPAA).
- Hands on experience in IT controls frameworks (NIST, ISO 270xx, SOC2, CIS).
- General knowledge of IT systems (applications, operating systems, databases, infrastructure).
- Experience working in AWS, Azure, Oracle, or GCP Cloud environments.
- TikTok is committed to creating an inclusive space where employees are valued for their skills, experiences, and unique perspectives. Our platform connects people from across the globe and so does our workplace. At TikTok, our mission is to inspire creativity and bring joy. To achieve that goal, we are committed to celebrating our diverse voices and to creating an environment that reflects the many communities we reach. We believe individuals shouldn't be disadvantaged because of their background or identity, but instead should be considered based on their strengths and experience. We are passionate about this and hope you are too.