Third Party Risk & Issues Analyst

TikTok is seeking a Third Party Risk and Issues Analyst to be part of the USDS Security Risk and Compliance team. The USDS Third Party Risk Management (TPRM) mission is to identify and evaluate the risks associated with new and existing Third Party relationships, contracting, solution(s), projects and/or engagements for TikTok United States Data Security (USDS) in order to better enable the lines of business to make well informed and risk based decisions to enable business objectives and maintain leading security practices.
You will contribute and directly play a vital role in day-to-day Vendor Program Operations, Risk and Compliance assessments, resolution & issues management, monitoring & re-assessment and Third Party Metrics & Inventory. Responsibilities include but are not limited to:
- Coordination between TPRM, Procurement, and Legal operations pertaining to vendor lifecycle management, contract clauses verification and compliance assessment procedures
- Technical writing and communication between cross-functional teams and Non-USDS lines of business
- Vendor compliance screening assessments validation
- Vendor security risk assessment reporting for authorized and rejected vendors
- Unresolved findings and vulnerability management coordination between applicable internal teams
- USDS TPRM standard operating procedure enhancements pertains to emerging threats and USDS Vendor Program policy requirements
- Security standard control validations and audit validations pertaining to overall USDS TPRM program and process
- Assessment lifecycle management and dashboarding reporting
- Vendor lifecycle (onboarding, ongoing and offboarding) management coordination between Procurement, Business Units (BUs) and Legal teams
- Site visit assessment coordination, assessment (physical and remote) and reporting