Business Compliance Partner - USDS

Team Intro
The USDS Security - Risk & Compliance team is responsible for managing USDS security compliance in accordance with US compliance requirements and objectives, and providing industry leading governance, risk, and compliance services.

The core service offerings include:
Compliance & Security Risk Management, Controls & Compliance Framework, Security Compliance Policies, Charters, & Protocols, Vendor Program & Third-Party Risk Management, Governance, Risk, & Compliance (GRC) Platform, and Security & Compliance Behavior & Culture.

About the Role
Tik Tok is seeking a Business Compliance Partner ("BCP") to be part of the US Security & Privacy Risk and Compliance team. This role will have a significant impact on mitigating regulatory compliance risk, and maturing operations to meet its compliance requirements. The primary focus of this role will be to strategically bridge gaps between compliance and product development, and driving "compliance x design" into early stages of the product planning phases, by cultivating and maintaining strong relationships with business stakeholders.

The BCP must have a "business first" mindset and a strong understanding of their business and products, serving as the main liaison between the business and compliance to ensure that business initiatives are done in accordance with compliance requirements.

On-site presence across teams allows the company to operate with greater speed, alignment, and agility - especially in areas like real-time decision-making, team development, and integrated execution. As such, the company is shifting from a hybrid work model to a fully in-person schedule up to 5 days a week.

Responsibilities:

* Establish partnerships with product teams and proactively plan compliant solutions and considerations at the early stages, providing direction on compliance and risk strategy to the business

* Provide direction on security and risk strategy to the business by being a key strategic advisor for the business

* Work closely with business teams to develop ongoing compliance testing strategies

* Evaluate compliance risks within the business, advise the business on prioritization, and recommend remediation

* Develop metrics and reporting to communicate business initiatives and risks to the broader security and compliance organization

* Serve as the subject matter expert for the business unit on compliance

* Collaborate with compliance assurance and compliance reporting functions to ensure reporting is aligned to regulatory standards

Minimum Qualifications

* 5+ years overall experience within Business line and/or product development expertise in consumer high-tech, media and entertainment, e-commerce, advertising, or similar

* 5+ years of Regulatory compliance experience with proven ability to identify compliance risk proactively and support solution through remediation

* Excellent organizational direction, time management, problem-solving, prioritization, goal setting, leadership, motivation, negotiation, and interpersonal skills

* Ability to collaborate with operations and engineering teams, communicate technical concepts to a broad range of technical and non-technical staff, provide compliant solutions, and communicate appropriately to a wide-range of audiences

* Easily partner and forge relationships with cross-functional teams and stakeholders, with a collaborative mindset

* Thoughtful and responsible professional, self-motivated, and can proactively seek input

Preferred Qualifications

* Start-up high-tech experience

* Experience with external compliance reporting to regulators (i.e, privacy, CFIUS, etc.)

* Experience with risk and controls frameworks including (ISO 27001, NIST CSF, NIST RMF, FAIR, COBIT, NIST RMF, ISO 31000 etc.)