Technology Audit Senior
San Jose, CA, United States
About ByteDance
Founded in 2012, ByteDance's mission is to inspire creativity and enrich life. With a suite of more than a dozen products, including TikTok and Helo as well as platforms specific to the China market, including Toutiao, Douyin, and Xigua, ByteDance has made it easier and more fun for people to connect with, consume, and create content.
Why Join Us
Creation is the core of ByteDance's purpose. Our products are built to help imaginations thrive. This is doubly true of the teams that make our innovations possible.
Together, we inspire creativity and enrich life - a mission we aim towards achieving every day.
To us, every challenge, no matter how ambiguous, is an opportunity; to learn, to innovate, and to grow as one team. Status quo? Never. Courage? Always.
At ByteDance, we create together and grow together. That's how we drive impact - for ourselves, our company, and the users we serve.
Join us.
About
Parts of this role will require supporting across ByteDance, as well as TikTok. ByteDance is TikTok's parent company, whose mission is to inspire creativity and enrich life.
About the team
The Internal Audit team plans and executes audit projects according to our risk-based audit plan by evaluating the efficiency and effectiveness of financial, compliance, operational, and technology processes. We work with business and engineering functions in addressing risks and improving the control environment through timely and comprehensive audit work and tracking of remediation actions until completion.
Position Summary:
We are seeking a motivated, mission-oriented technology and cyber risk professional with strong business acumen, security experience based in Los Angeles or San Jose. The Technology Audit senior will be responsible for performing technology audits of TikTok products, services and infrastructure. You will collaborate with various engineering, product, cyber security, compliance and business teams to identify risks and control gaps and make valuable recommendations to improve the Company's technology control landscape.
Responsibilities:
Lead planning and execution of operational audit programs and complex technology control assessments in the following areas: cybersecurity, privacy, data management, IT strategy and governance, IT operations, BCP, network and infrastructure operations, product and cloud security, and regulatory/compliance requirements.Assist in analysis and identification of emerging technology risks for TikTok technology stack. Develop and maintain subject matter expertise in one or more technology domains. Develop innovative methodologies for auditing new technologies and services. Partner with data analytics to effectively leverage tools to analyze risk signals and unearth insights.Plan, design and execute integrated technology audits supporting business and operations (Trust & Safety, Monetization, FinTech etc.). Partner with business teams and develop deep expertise in one or more TikTok products or business functions.Review processes and controls against leading industry frameworks and best practices, identify gaps in design and execution, and communicate issues and recommendations to senior management. Draft comprehensive executive summaries and final reports for delivery to senior management and document and review engagement work papers in accordance with industry-accepted internal audit methodologies.Partner with engineering and product teams to advise on design and implementation of technology solutions.
Minimum Qualifications
- Experience related to technology risk management: Cybersecurity, Technology Audit, Risk Management, Technical Program Management or Privacy preferably within the technology sector (Social Media, eCommerce, Fintech etc.).
- Passion for emerging technologies, products and standards. Strong critical thinking skills combined with the ability to provide a credible technical challenge to the business
- Proven ability to work in a fast-paced environment with a product centric culture. Experience of working at a startup company or project is a plus.
- Proven analytical ability to assess complex technology environments against risk assessment outcomes, industry best practices, internal standards and external regulatory requirements.
- Strong leadership and communication skills, and the ability to write at a publication quality level in order to communicate findings and recommendations to the senior management team.
- Solutions oriented, with a track record of identifying and implementing creative solutions and rolling up your sleeves to “get it done”.
- 20-30% global travel is required.
Preferred Qualifications
- Knowledge of external leading risk and controls frameworks such as COBIT (Control Objectives for Information and related Technology), ISO27000, NIST, and IT related internal controls
- Professional certification such as CISSP, GIAC, MCP, CCNA, CISA, or CIA
ByteDance is committed to creating an inclusive space where employees are valued for their skills, experiences, and unique perspectives. Our platform connects people from across the globe and so does our workplace. At ByteDance, our mission is to inspire creativity and enrich life. To achieve that goal, we are committed to celebrating our diverse voices and to creating an environment that reflects the many communities we reach. We are passionate about this and hope you are too.
ByteDance Inc. is committed to providing reasonable accommodations in our recruitment processes for candidates with disabilities, pregnancy, sincerely held religious beliefs or other reasons protected by applicable laws. If you need assistance or a reasonable accommodation, please reach out to us at https://shorturl.at/cdpT2
#LI-Hybrid
#J-18808-Ljbffr