S'INSCRIRE
Retour aux emplois
XX
Security Solutions Architect: Scalable, Compliant SecurityTikTok USDS Joint VentureSan Jose, Arizona, United States
Trouver des emplois similaires

Cette offre d'emploi n'est plus disponible

XX

Security Solutions Architect: Scalable, Compliant Security

TikTok USDS Joint Venture
  • US
    San Jose, Arizona, United States
  • US
    San Jose, Arizona, United States
Trouver des emplois similaires

À propos

About the Team The Security and Information Technology team is missioned to run and operate security infrastructures, platforms and technologies, as well as to support cross‑functional teams to protect our users, products and infrastructures. In this team you'll have a unique opportunity to have first‑hand exposure to the strategy of the company in key security initiatives, especially in deploying and maintaining scalable and secure‑by‑design systems and solutions. Our challenges are not your regular day‑to‑day technical problems; you'll be part of a team that's developing new solutions to new challenges of a kind not previously addressed by big tech. It works fast, at scale, and we’re making a difference. About the Role The Security Solution Architect is a senior individual contributor and the front door for internal USDS JV teams and product engineering teams on security architecture and compliant solutions. The role is responsible and accountable for fully understanding the end‑to‑end technical security architecture of assigned products and services and for designing, governing, and continuously improving technical security solutions that translate complex national‑security and compliance obligations into tangible, effective, and sustainable controls that are also business‑friendly. Responsibilities
Design Compliance‑by‑Design Technical Architectures: Interpret and translate abstract national‑security, privacy, and internal policy requirements (e.g., NIST SP 800‑53, data residency, access control segregation) into concrete security architecture patterns and compliance‑by‑design technical implementations—controls, instrumentation, and engineering changes—proposing pragmatic alternatives when constraints conflict and partnering with subject‑matter experts to land workable solutions. Act as the Front Door and Cross‑Functional Bridge: Serve as the single, accountable interface between USDS JV security functions (e.g., Threat Detection & Response, Data Security, Vulnerability Management, GRC) and product and engineering teams. Deeply understand business systems architecture, data flows, and operational structures; pair this understanding with security and compliance context to bridge gaps, simplify complex obligations into clear patterns, guardrails, and trade‑offs, and orchestrate alignment on designs that both comply and ship—while subject‑matter experts retain final technical decision‑making authority. End‑to‑End System Mapping: Develop and maintain a comprehensive understanding and mapping of each product’s technical security architecture—including components, data flows, dependencies, and control points. Identify critical control points for logging and telemetry, access segregation, data residency and localization, and incident reporting to create a holistic view of the security landscape that other security and privacy teams can rely on. Governance, Design Reviews, and Traceability: Establish and lead multi‑party security architecture review processes to assess new products, features, and infrastructure changes. Produce and maintain architecture design specifications, solution blueprints, and Architecture Decision Records (ADRs) and other decision logs that capture assumptions and trade‑offs; drive timely resolution paths and escalations when needed, and defer final technical authority to relevant subject‑matter experts while maintaining alignment and secure‑by‑design principles across the organization. Documentation and Audit Readiness: Create and maintain high‑quality architecture documentation, control mappings, and evidence artifacts to support internal and external audits. Ensure all security solutions are well‑documented, traceable to specific requirements, and defensible to regulators. Improve Alignment Efficiency: Track and improve time‑to‑alignment for key security and compliance decisions and reduce rework caused by misunderstandings between security functions and product and engineering teams.
Minimum Qualifications
Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent practical experience, with experience working in the technology industry. 5+ years of experience in a hands‑on security architecture or engineering role, with a proven track record of designing and implementing security solutions in complex, large‑scale environments. Deep expertise in at least two of the following domains: cloud security (IaaS/PaaS), application security, data security, or network security. Demonstrable experience translating regulatory or compliance requirements (e.g., SOC 2, ISO 27001, PCI DSS) into technical security controls. Strong understanding of modern development practices (e.g., CI/CD, DevOps) and how to integrate security into them. Demonstrated ability to partner and negotiate with cross‑functional business, product, and compliance stakeholders, balancing business needs and regulatory obligations without exposing the business to undue risk.
Preferred Qualifications
Direct experience designing security solutions to meet U.S. national security‑related compliance obligations, such as those governed by NIST SP 800‑53, NIST SP 800‑171, FedRAMP, CISA directives, or similar frameworks. In‑depth knowledge of security controls related to data residency and localization, supply chain risk management (SCRM), and mandatory incident reporting. Proven ability to design and implement comprehensive logging and monitoring solutions that enable effective security operations and incident response. Experience conducting threat modeling, security design reviews, and risk assessments for complex software and infrastructure. Familiarity with enterprise architecture frameworks and their application to security.
Job Information 【For Pay Transparency】Compensation Description (Annually) The base salary range for this position in the selected city is $199,800 - $441,600 annually. Compensation may vary outside of this range depending on a number of factors, including a candidate’s qualifications, skills, competencies and experience, and location. Base pay is one part of the Total Package that is provided to compensate and recognize employees for their work, and this role may be eligible for additional discretionary bonuses/incentives, and restricted stock units. Benefits may vary depending on the nature of employment and the country work location. Employees have day one access to medical, dental, and vision insurance, a 401(k) savings plan with company match, paid parental leave, short‑term and long‑term disability coverage, life insurance, wellbeing benefits, among others. Employees also receive 10 paid holidays per year, 10 paid sick days per year and 17 days of Paid Personal Time (prorated upon hire with increasing accruals by tenure). The Company reserves the right to modify or change these benefits programs at any time, with or without notice. USDS Reasonable Accommodation USDS is committed to providing reasonable accommodations in our recruitment processes for candidates with disabilities, pregnancy, sincerely held religious beliefs or other reasons protected by applicable laws. If you need assistance or a reasonable accommodation, please reach out to us at https://tinyurl.com/USDS-RA Los Angeles County (Unincorporated) Candidates Qualified applicants with arrest or conviction records will be considered for employment in accordance with all federal, state, and local laws including the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act. Our company believes that criminal history may have a direct, adverse and negative relationship on the following job duties, potentially resulting in the withdrawal of the conditional offer of employment: 1. Interacting and occasionally having unsupervised contact with internal/external clients and/or colleagues; 2. Appropriately handling and managing confidential information including proprietary and trade secret information and access to information technology systems; and 3. Exercising sound judgment. #J-18808-Ljbffr
  • San Jose, Arizona, United States

Compétences linguistiques

  • English
Avis aux utilisateurs

Cette offre a été publiée par l’un de nos partenaires. Vous pouvez consulter l’offre originale ici.

Trouver des emplois similaires