Sr. Security Compliance Analyst

Headquartered in the United States, TP-Link Systems Inc. is a leading global provider of networking devices and smart home products. Consistently ranked as the world's top provider of Wi-Fi devices, TP-Link is dedicated to delivering innovative solutions that improve people's lives by offering faster, more reliable connectivity. Serving customers in over 170 countries, we are committed to expanding our global footprint.

At TP-Link Systems Inc., we believe that technology has the power to transform the world for the better. Our mission is to design reliable, high-performance products that connect users worldwide to the limitless possibilities of technology.

We are driven by our core values of professionalism, innovation, excellence, and simplicity. Our goal is to help clients achieve outstanding global performance and to provide consumers with a seamless, effortless technology experience.

TP-Link Systems Inc. is seeking a skilled and proactive Sr. Security Compliance Analyst who will be responsible for developing and overseeing TP-Link's enterprise security governance framework, ensuring compliance with regulatory requirements, industry standards, and internal policies. This individual will collaborate with cross-functional teams to embed security into business operations, manage risk, and enhance security resilience across TP-Link's enterprise ecosystem.

Key Responsibilities:

Security Governance & Policy Development

• Develop, implement, and maintain security policies, standards, and guidelines aligned with industry best practices (e.g., NIST, ISO 27001, CIS).
• Establish and lead a security governance framework to ensure consistent application of security controls across the enterprise.

Risk Management & Compliance

• Identify, assess, and mitigate security risks across TP-Link's global operations.
• Ensure compliance with regulatory requirements such as GDPR, CCPA, NIST CSF, and other applicable cybersecurity frameworks.
• Oversee security audits, risk assessments, and third-party security evaluations.
• Partner with legal, IT, and business leaders to address security compliance gaps.

Third-Party & Supply Chain Security

• Develop and enforce security requirements for vendors, suppliers, and third-party partners.
• Conduct security assessments of supply chain partners to identify and mitigate potential risks.

Security Awareness & Training

• Develop and lead security awareness programs to educate employees on cybersecurity risks and best practices.
• Foster a security-first culture across all levels of the organization.
• Provide guidance and training on security governance processes for internal stakeholders.

Incident Response & Continuous Improvement

• Support security incident response efforts by ensuring governance processes facilitate rapid detection and response.
• Lead post-incident analysis to refine security policies and controls.
• Monitor emerging threats, regulatory changes, and industry trends to evolve TP-Link's security governance strategies.