Senior Technology Auditor - Internal Audit

About ByteDance Founded in 2012, ByteDance's mission is to inspire creativity and enrich life. With a suite of more than a dozen products, including TikTok, as well as platforms specific to the China market, including Toutiao, Douyin, and Xigua, ByteDance has made it easier and more fun for people to connect with, consume, and create content. Why Join Us Creation is the core of ByteDance's purpose. Our products are built to help imaginations thrive. This is doubly true of the teams that make our innovations possible. Together, we inspire creativity and enrich life - a mission we aim towards achieving every day. To us, every challenge, no matter how ambiguous, is an opportunity; to learn, to innovate, and to grow as one team. Status quo? Never. Courage? Always. At ByteDance, we create together and grow together. That's how we drive impact - for ourselves, our company, and the users we serve. Join us. About Us Internal Audit is a global function responsible for providing independent assurance and evaluating the company's risk management, governance and internal control processes to determine if they are designed and operating effectively. The Internal Audit team plans and executes audit projects according to our risk-based audit plan by evaluating financial, compliance, operational, and IT processes and controls. We work with business functions in addressing risks and improving the control environment through timely and comprehensive audit work and tracking of remediation actions until completion. This role will be part of the Global Technology Audit team within Internal Audit. Hybrid Work Model: We are back to the office with a hybrid work model, with employees working in the office three days per week. About the team We are looking for an experienced technology auditor who will contribute to the ongoing development of the Global Technology Audit function and to ByteDance's efforts to enhance its risk management capabilities in support of the company's business objectives. The individual will be part of the Global Technology Audit team and will engage in deep technical assessments, use of innovative assurance methods to impact and influence positive business outcomes across products such as TikTok, Live, TikTok Shop and Lemon8. Responsibilities - Technology Audit Delivery: Lead planning and execution of operational audit programs and complex technology control assessments: Information Security, Infrastructure, Emerging Technologies (AI/ML, FinTech). Leverage data analytics to detect risk signals and unearth insights. Communicate issues and recommendations to senior management. - Integrated Audit Delivery: Lead planning and execution of integrated audits supporting operations and technology for business functions and productions (Trust & Safety, Monetization, FinTech etc.). Develop deep expertise in one or more TikTok products or business functions. - Technology Risk Assessment: Assist in analysis and identification of emerging technology risks for TikTok. Develop and maintain subject matter expertise in one or more technology domains. - Stakeholder Relationships: Develop and maintain collaborative working relationships with management, understand the business to provide value-added services, and establish credibility as a management consultant and internal controls resource. Partner with engineering and product teams to advise on design and implementation of technology solutions. - Professional Development: Continually expand knowledge of the audit profession, industry, and company products through self-study, research, and continuing education efforts. Develop innovative methodologies for auditing new technologies and services. - Quality Assurance: Ensure the overall quality and consistency of audit work, adhering to department and professional standards. Continuously seek opportunities for audit process improvement.

Minimum Qualifications - Experience: 5+ years of relevant experience in Technology and Operational Audit, Risk Management, Cyber Security Compliance or Security Engineering preferably within the technology sector (Social Media, eCommerce, Fintech etc.) and/or Big4 consulting. - Education: Bachelor's degree in Information Systems, Computer Science or any other related field. - Certifications: Professional certifications such as CISSP, GIAC, CCNA, CISA. - Professional interests: Passion for emerging technologies, products and standards. Strong critical thinking skills combined with the ability to provide a credible technical challenge to the business. - Industry experience: Proven ability to work in a fast-paced environment with a product centric culture. Experience of working at a startup company or tech/fintech company is a plus. - Analytical skills: Proven analytical ability to assess complex technology environments against risk assessment outcomes, industry best practices, internal standards and external regulatory requirements. - Communication skills: Ability to write at a publication quality level in order to communicate findings and recommendations to the senior management team. Preferred Qualifications - Knowledge of external leading risk and control frameworks such as MITRE, CIS benchmarks, COBIT (Control Objectives for Information and related Technology), ISO27000, NIST etc.. - Experience with product security audits. Understanding of the product lifecycle. - Familiarity with AI-powered content management platforms and technologies. - Experience with databases and programming languages (SQL Server, MySQL, Python etc.). - Experience with social media industry compliance frameworks (DSA, DMA, OSA). ByteDance is committed to creating an inclusive space where employees are valued for their skills, experiences, and unique perspectives. Our platform connects people from across the globe and so does our workplace. At ByteDance, our mission is to inspire creativity and enrich life. To achieve that goal, we are committed to celebrating our diverse voices and to creating an environment that reflects the many communities we reach. We are passionate about this and hope you are too. ByteDance Inc. is committed to providing reasonable accommodations in our recruitment processes for candidates with disabilities, pregnancy, sincerely held religious beliefs or other reasons protected by applicable laws. If you need assistance or a reasonable accommodation, please reach out to us at https://shorturl.at/cdpT2. #LI-Hybrid