Responsibilities
About the Team As a part of ByteDance's Security Department, the Security Governance and Compliance team plays a pivotal role in supporting various business lines. This involves offering expertise in security governance and compliance by implementing robust information security management systems. The team is dedicated to tailoring solutions that address key aspects such as data security, privacy protection, and regulatory compliance. Moreover, they actively pursue and obtain a multitude of security compliance qualifications and certifications essential for the diverse business lines. Additionally, the team actively engages in shaping industry standards for security and privacy, while also conducting advanced research to anticipate and navigate future risks and opportunities. Responsibilities - Stay abreast of the latest developments of laws, regulations, policies and information security standards related to Network Security, Data Security and Data protection. Ensure timely updates and maintenance of the internal information security management system. - Apply for information security certifications such as ISO 27001, SOC and PCI for our products. - Advocate for and oversee the implementation of security compliance and privacy protection requirements. Promptly address and rectify any non-compliant items. - Validate and verify that the organization's security controls meet industry requirements. Conduct thorough examinations of processes, systems, policies, procedures, network diagrams, and system configurations. - Monitor business activities through collaborating with cross-functional team leaders to guarantee ongoing compliance with external certifications.
Qualifications
Minimum Qualifications: - More than 3 years of relevant experience in managing ISO 27001:2022, SOC 2 audit, and compliance programs within a global organizational setting. - Demonstrate extensive knowledge and hands-on experience with cybersecurity frameworks, such as ISO 27001, PCI-DSS, SOC 2, and other relevant regulatory requirements. - Exhibit excellent communication skills, logical reasoning abilities. - Robust commitment to continuous learning and a collaborative, team-oriented mindset. Preferred Qualifications: - Experience in ISO management systems, SOC audit, and PCI certification is preferred. - Relevant industry certifications such as CISM, CISA, CISSP is preferred.
