Regional Security and Data Protection Lead, Europe

In order to enhance collaboration, we follow a hybrid work schedule that requires employees to work in the office for 3 days a week, as directed by their manager. We regularly review our hybrid work model, and the requirements may change at any time.

We are seeking an experienced European Regional Security and Data Protection leader to join our Global Security Organization. As a direct report to the Global Head of Security, you'll oversee the delivery of security strategy, operations, and leadership initiatives across Europe. This role requires a leader with deep understanding of regional regulatory requirements and emerging cyber threats. You will have worked extensively across Europe and understand the security posture across various countries. You will help to advance our industry-leading cyber security and data protection programs, including Project Clover, and will enable us to continue to break ground in the field of European data protection.

Responsibilities
- Strategic Leadership
- Develop and execute a comprehensive, regional security and data protection strategy, aligned with global objectives.
- Be the primary security advisor to regional leaders and stakeholders.
- Along with the Global Head of Security, be the regional decision-maker and authority for European security initiatives.
- Present official security reporting, metrics, insights, and recommendations to leadership and Board of Directors of TikTok Ireland. Be a voting permanent member of the European Data Protection Steering Committee (Dublin-based candidates only).
- Work closely with EU Government Relations to develop external outreach strategies and help elevate opportunities for leading transparency efforts.
- Build and maintain strong relationships with European teams within Government Relations, IT, Legal, business units, etc. and help them to integrate security into their operations.
- Serve as regional leader for all GSO employees in Europe.
- Proactively identify opportunities to align with existing and emerging security standards. Engage with industry bodies to help drive innovative solutions.
- Regulatory Compliance
- Oversee compliance with European cybersecurity regulations, including GDPR, NIS2 and other regional requirements.
- Represent TikTok in engagements with regulators, auditors and industry bodies regarding TikTok's security practices and policies.
- Implement auditability and documentation requirements that adhere to European requirements.
- Understand upcoming Europe-focused regulatory requirements and help to implement proactive mitigation solutions.
- Risk Management
- Identify, assess and mitigate cybersecurity risks across the European business units.
- Review product requirement documentation to proactively identify security opportunities in new products and functions.

Qualifications

Minimum Qualifications
- Proven experience managing cybersecurity across Europe, with a strong understanding of regional regulations and cultural nuances.
- Deep experience and network of government regulators and auditors across Europe
- Experience driving programs from scoping to delivery at scale.
- Experience operating autonomously and leading across multiple teams, with stakeholders in different disciplines across time zones.
- Ability to demonstrate critical thinking and thought leadership.
- Analytical and problem-solving experience with large-scale systems.
- Experience working for a company with a global footprint.
- Fluent in English, other European languages preferred

Preferred Qualifications:
- 15+ years of progressive experience in cybersecurity, data protection, privacy, Internal Audit, Compliance or IT, with at least 10 years of direct, global leadership experience.