Building Trust at TikTok

1. What is the mission of TikTok's Global Security Organization?

The mission of TikTok's Global Security Organization is to build and earn trust by reducing risk and securing our businesses and products. Also known as "GSO", this team is the foundation of our efforts to keep TikTok safe, secure and operating at scale for over 1 billion people around the world. We work to help ensure that our users' experience and their data remains safe from external or internal threats, and that we comply with global regulations wherever TikTok operates.

Trust is one of TikTok's biggest priorities, and security is integral to our success. In whatever ways users interact with us — whether they're watching videos on their For You page, interacting with a Live video, or buying products on TikTok Shop — GSO protects their data and privacy, so they can have a secure and trustworthy experience.

2. Why do you work at TikTok? What has been your proudest moment to date?

Over one billion people around the world come to TikTok to discover, connect, and create, and I am proud to lead a team tasked with protecting that community and establishing a trusted experience for those users, advertisers, and vendors. I also like to think working for such a cool company is impressive to my kids as well.

I'm most proud of the team I've built at TikTok. Here, I've hired some of the best security professionals I've worked with in the industry, which has helped create a strong bench of talent. Trusting others and allowing my team to take the lead has given me the ability to focus on what matters most - and try to have some time for self care. For my team, it empowers them to feel valued and appreciated as leaders and subject matter experts. I'm passionate about hiring diverse skillsets that enable us build the best possible security program. We need to work together and recognize what is coming next in terms of threats, technologies, or solutions.

Currently, the cybersecurity industry is at an important stage. As companies start to mature and see security as something that gives them an edge in the market, we're able to shift security and privacy to become a revenue-generating component for the company. Protecting the company's user experience and its most important income streams is something I'm immensely proud of, and I'm glad to say GSO has become a sustainable organization that's primed for success.

3. What have you learned about yourself during your career transitions?

When I graduated from school, cybersecurity was not the industry it is today, and certainly not a career path that was on my radar. I entered the workforce as a financial audit consultant for public accounting. As I learned more about IT, controls, risk, and compliance, I discovered that careers are not set in stone — there's no one stopping you from exploring other opportunities. As I transitioned to security, I took full advantage of opportunities and built a strong network of mentors and sponsors. I initially joined the cybersecurity sector as the head of security training and awareness, and later broadened my role to encompass all aspects of cybersecurity. This enabled me to eventually lead our teams here at TikTok to safeguard the platform every day for our global user base.

Throughout my career transitions, I learned to take risks and make decisions based on what's most important in life, both personally and professionally. Life is constantly in flux, and commitments can change throughout the years. When I came to TikTok, it was important for me to find a unique new challenge at an innovative company, which is exactly what my experience here relfects. One of our company values, "Always Day 1," encourages employees to always maintain an entrepreneurial mindset, and to keep pioneering and innovating instead of relying on resources or past achievements. The same value rings true for career transitions — I've learned to pioneer and take ownership of my career and let my priorities lead me to opportunities that drive fulfillment and innovation.

4. What qualities do you think have contributed to your success? Are those qualities you look for when building your team?

At TikTok, we say "Security is a team sport." Teamwork is incredibly important across roles and industries, but especially in the world of cybersecurity, which is constantly shifting and advancing. We have a world-class team working on security, but no one of us can do it alone. Our team thrives because we're passionate about TikTok's mission to inspire creativity and bring joy to users worldwide, and empowered to contribute to that mission by safeguarding their experience.

Throughout my career, I have recognized the value in stretching myself beyond a job description or beyond what I even believed about myself. I initially joined TikTok to lead the security integrated risk program, which allowed me to gain exposure across the whole realm of security risk, compliance, and assurance. From there, I didn't allow myself to get stuck in any one domain, and became the Head of Global Security in 2022. There is no singular professional background that makes a successful cybersecurity team — there's a need for every type of perspective. It's about finding talent with motivation and the desire to be part of this journey.

Lastly, technical skills are only one component of the job. The ability to communicate, connect with others, and exert influence are the most important skills that any leader in business, but especially in security, needs to have. How will you achieve your goals if you cannot communicate about what you're doing, what resources you need, and why your decision is the right call? Valuing these qualities has enabled us to build an exceptional team skilled in technical domains and in leadership.

5. You've mentioned the importance of mentorship. How have mentors shaped your career, and how do you pay that forward?

My journey into cybersecurity was not linear, nor was it planned. I got my start in security after about 15 years in risk, compliance, and audit because of the guidance I received from sponsors and mentors, and the support of my trusted professional relationships and networks. Having a network enables you to take risks and know that if you stumble, there will be support to help steer you towards the right path.

I've learned that the most powerful mentor and sponsor connections are organic relationships that feel like a two-way street. Many senior leaders are pulled in numerous directions by people who need things from them — sometimes a friendly lunch with a trusted colleague is the best way to build rapport. Additionally, my most valued mentors aren't necessarily the most technical professionals, yet are the people I connect with the most, trust, and relate to.

I'm particularly passionate about providing mentorship and advancement opportunities for women in security — not just in my organization, but everywhere. GSO is proud to partner with numerous organizations that support women in this field, including the Executive Women's Forum, Women in Cybersecurity, Girl Talk, and BlackGirlsHack. I see myself and my fellow women leaders as responsible for paving the way for the next generation of cybersecurity talent, and partnering with organizations like EWF and others enables us to advance diverse talent into these positions.

6. What advice would you give to someone who wants to build a career in security or join the team at TikTok?

The most impactful security teams are those that know and love the product they protect. We're fortunate that the platform we protect here at TikTok is free to use, accessible worldwide, and has user-friendly features. I'm personally an avid user of the app and have posted videos on my personal account, as well as on our official TikTokTips page, and it is incredibly helpful to know the different features and experiences you can get on TikTok. If you're looking for a job at TikTok, it's important to understand the platform and respect why it's so meaningful for so many users around the world.

Lastly, never stop learning. Whether you're new to cybersecurity or have been in the field for years, this is a space that innovates and changes quickly, and it is up to us as practitioners to stay curious. Keeping our TikTok community secure is a priority that is always evolving and improving, and includes designing new strategies, developing programs, and staying one step ahead.