Privacy Engineer (Validation) - PDPO (Singapore)

TikTok is the leading destination for short-form mobile video. At TikTok, our mission is to inspire creativity and bring joy. TikTok's global headquarters are in Los Angeles and Singapore, and its offices include New York, London, Dublin, Paris, Berlin, Dubai, Jakarta, Seoul, and Tokyo.

Why Join Us
Creation is the core of TikTok's purpose. Our platform is built to help imaginations thrive. This is doubly true of the teams that make TikTok possible. Together, we inspire creativity and bring joy - a mission we all believe in and aim towards achieving every day. To us, every challenge, no matter how difficult, is an opportunity; to learn, to innovate, and to grow as one team. Status quo? Never. Courage? Always. At TikTok, we create together and grow together. That's how we drive impact - for ourselves, our company, and the communities we serve. Join us.

The Privacy and Data Protection Office (PDPO) Org is responsible for leading, supervising, and empowering all of TikTok’s privacy work in an accountable and industry-leading way. The PDPO team has particular expertise in privacy risks and passionately consults across the company to implement proper safeguards and technical mitigations that ensure our users’ privacy is respected across all of TikTok’s products and platforms.

TikTok's Privacy & Data Protection Organization is expanding our Privacy Validation and Detection Engineering (VaDE) Team. TikTok's Privacy VaDE Team is responsible for validating potential privacy gaps, developing robust detections to enable continuous privacy monitoring, and providing technical engineering support during urgent incident & inquiry response efforts.

As a Privacy Engineer on the VaDE team, you will play a crucial role in protecting the privacy of our global user base. This role involves triaging and analyzing security & privacy reports submitted by researchers, ensuring compliance with regulations such as GDPR, identifying privacy incidents, and coordinating with incident responders and the legal team.

Responsibilities
- Perform tests on suspected privacy vulnerabilities to validate the presence of a vulnerability and gather evidence to support remediation efforts.
- Assist in privacy-related incident and inquiry response efforts by performing technical investigations on privacy incidents, identifying root causes, and recommending mitigation and remediation actions to prevent future occurrences.
- Work closely with development and product teams to incorporate privacy best practices into the design and development of new products and features. Advocate for "privacy by design" principles to embed privacy considerations throughout the product development lifecycle.
- Collaborate with legal and compliance teams to maintain and improve privacy policies and procedures.
- Maintain detailed records of privacy assessments, testing, detections, and related activities. Generate regular reports for management and stakeholders, providing insights on privacy risks.
- Stay up-to-date with global privacy regulations, such as GDPR, CCPA, or other relevant data protection laws. Ensure our organization's practices align with applicable privacy laws and standards.
- Support the development of practices, processes, mechanisms, and documentations for the above activities, both internally and within working groups.