ByteDance

Responsibilities

Team Introduction:

Internal Audit is a global function responsible for providing independent assurance and evaluating the company's risk management, governance and internal control processes to determine if they are designed and operating effectively. The Internal Audit team plans and executes audit projects according to our risk-based audit plan by evaluating financial, compliance, operational, and IT processes and controls. We work with business functions in addressing risks and improving the control environment through timely and comprehensive audit work and tracking of remediation actions until completion.

Hybrid Work Model: We are back to the office with a hybrid work model, with employees working in the office three days per week.

Position Summary:

We are looking for an experienced technology audit lead that will contribute to the ongoing development of the Global Technology Audit function and to ByteDance's efforts to enhance its risk management capabilities in support of financial reporting and associated IT controls compliance. The individual will be part of the Global Technology Audit team and innovative assurance methods to impact and influence positive business outcomes across products such as TikTok, TikTok Shop and CapCut.

Responsibilities:

• Integrated Audit Delivery: Lead the end-to-end Financial IT Controls program for home grown ads revenue systems, enterprise systems, including planning, scoping, risk assessment, controls testing, and reporting. Collaborating with risk owners to ensure risk mitigation plans are developed and completed, tracking and reporting on the progress of the remediation plans on a regular basis
• Technology Risk Assessment: Assist in analysis and identification of emerging technology and financial risks. Develop and maintain subject matter expertise in one or more technology domains. Ability to grasp complex, home grown technology stack, comfortable speaking with engineers and product teams
• Stakeholder Relationships: Develop and maintain collaborative working relationships with management, understand the business to provide value-added services, and establish credibility as a management consultant and internal controls resource. Provide guidance and training to IT control owners to promote awareness and understanding of Financial IT control compliance requirements.
• Professional Development: Continually expand knowledge of the audit profession, industry, and company products through self-study, research, and continuing education efforts. Develop innovative methodologies for auditing new technologies and services.
• Quality Assurance: Ensure the overall quality and consistency of audit work, adhering to department and professional standards. Continuously seek opportunities for audit process improvement.

Qualifications

Minimum Qualifications:

• Experience: 5+ years of relevant experience in Technology and Operational audits, Risk Management, preferably within the technology sector (Social Media, eCommerce, Fintech etc.), and/or Big4 consulting, with a focus on IT General Controls (ITGCs). Experience in identifying, designing, and testing IT controls.
• Education: Bachelor's degree in Information Systems, Accounting, Computer Science or any other related field.
• Integrated Audits: Experience with SOX 404, the COSO framework, COBIT principles, IT security standards, and risk management best practices.
• Industry experience: Proven ability to work in a fast-paced environment with a product centric culture. Experience of working at ad tech or tech/fintech company is a plus.
• Analytical skills: Proven analytical ability to assess complex technology environments against risk assessment outcomes, industry best practices, internal standards and external regulatory requirements.
• Communication skills: Ability to write at a publication quality level in order to communicate findings and recommendations to the senior management team.

Preferred Qualifications:

• Proficiency in Mandarin is a plus (not required), as the role may involve reviewing financial documents, system data, and occasional communication with our team in China
• Experience leading IT SOX efforts for home grown micro-services based systems.
• Professional certifications such as CISA, CISSP, CIA, or CPA.
• Experience working in a global organization and managing projects across different time zones.
• Passion for emerging technologies, products and standards. Strong critical thinking skills combined with the ability to provide a credible technical challenge to the business.