Controls Management Specialist - Governance Risk and Compliance jobs in United States

TikTok · 4 weeks ago

Controls Management Specialist - Governance Risk and Compliance

TikTok is the leading destination for short-form mobile video, and they are seeking a Controls Management Specialist for their Security Strategy, Risk, and Resilience team. This role involves driving the lifecycle of TikTok's cybersecurity controls, including control testing, monitoring, and facilitating audits to enhance the organization's cybersecurity compliance.

Content Creators, Content Discovery, Media and Entertainment, Social Media, Video
H1B Sponsor Likely

Responsibilities

Supporting the scoping and maturity of the cybersecurity compliance program to align with industry best practices and regulatory requirements including but not limited to ISO 27001, PCI DSS, and SOC 2
Leading control design walkthroughs and tests of operating effectiveness for product and business line controls against security requirements and compliance obligations
Preparing and supporting control owners and process owners for internal and external audits by conducting thorough examinations of people, processes, technologies and key system configurations and helping identify best-in-class evidence
Influencing and collaborating with key stakeholders to support, track, and report on remediation efforts for identified security control gaps
Designing and engineering solutions to automate control testing, security control compliance, and control maturity reporting
Maintaining a global security controls library to include periodic updates and validation of security controls and owners
Communicating with technical and non-technical stakeholders on cybersecurity risk and control topics and program-specific reporting

Qualification

Cybersecurity frameworks, Controls management, Compliance engineering, Audit experience, Project management, Analytical skills, Communication skills, Collaboration, Adaptability, Continuous learning, Problem-solving

Required

Experience supporting cybersecurity controls management programs with in-depth knowledge and experience of cybersecurity frameworks including ISO 27001, PCI-DSS, SOC 2, and other regulatory requirements
Experience collaborating closely with engineers, business teams, and security partners, including incident response, red teams, and architects to seamlessly incorporate cybersecurity controls and risk management processes into their day-to-day operations
Experience with the entire controls monitoring lifecycle, including identifying, assessing, monitoring, and remediating controls
Excellent communication skills with the ability to document, communicate, and report security assessments as well as the status of the implementation, effectiveness, and remediation of cybersecurity controls with product and business leaders
Strong project management skills with the ability to lead and execute security assessment projects and initiatives on time with multiple stakeholders
Ability to work in New York or D.C. office for 5 days per week and be willing to travel to other offices with the flexibility to conduct virtual meetings, including international locations, as required to support business needs

Preferred

Minimum of 5 years in Information Technology (IT) or Information Security (IS) compliance and controls programs in a global organization with in-depth knowledge and experience of cybersecurity frameworks such as ISO 27001, PCI-DSS, SOC 2, and other regulatory requirements
Experience supporting complex audit projects in a cloud-centric environment with a strong aptitude to understand emerging technologies to assure regulatory and compliance requirements are met
Experience engineering governance, risk and compliance solutions to help automate testing and compliance workflows
CISM, CISA, CISSP, CCSP, SecurityX, CySA+, Security+, CRISC, CGEIT, GSEC, QSA, or other relevant certifications

Benefits

Medical, dental, and vision insurance
401(k) savings plan with company match
Paid parental leave
Short-term and long-term disability coverage
Life insurance
Wellbeing benefits
10 paid holidays per year
10 paid sick days per year
17 days of Paid Personal Time (prorated upon hire with increasing accruals by tenure)

Company

TikTok is a short-form video entertainment app and social network platform. It is a sub-organization of ByteDance.

H1B Sponsorship

TikTok has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data Powered by US Department of Labor)
[Chart: Distribution of Different Job Fields Receiving Sponsorship]
Trends of Total Sponsorships
2025 (979)
2024 (601)
2023 (387)
2022 (322)
2021 (133)
2020 (72)

Funding

Current Stage
Late Stage

Leadership Team

N Ali Mohamed, CEO
Blake Chandlee, VP Global Business Solutions
Company data provided by crunchbase