Compliance Internal Audit Lead - Privacy
- London
- Permanent
- Full-time
- Audit Management & Execution: Lead planning and execution of compliance audit programs and compliance risk assessments. Leverage data analytics to detect risk signals and unearth insights. Communicate issues and recommendations to senior management.
- Stakeholder Relationships: Develop and maintain collaborative working relationships with management, understand the business to provide value-added services, and establish credibility as a management consultant and internal controls resource.
- Subject Matter: Ability to grasp complex, home grown technology stack, comfortable speaking with legal and product teams; and be the go-to person on compliance topics such as Privacy & Data protection and regulatory frameworks. Understanding emerging compliance hot spots and build a robust framework to help manage changing compliance landscape.
- Compliance Assessment: Work closely with business partners, including product and legal compliance leaders, to assess complex regulatory frameworks and evaluate applicability across Bytedances suite of products.
- Audit Program Development: Collaborate with the Global Head of Compliance and peers to develop and implement an audit program for compliance and integrated audits, tailored to TikTok and ROW ByteDance products (example: Lemon8, CapCut, TikTok LIVE, TikTok Shop etc.).
- Quality Assurance: Ensure the overall quality and consistency of audit work, adhering to department and professional standards. Continuously seek opportunities for audit process improvement.
- Audit Techniques: Identify and develop audit techniques, including continuous auditing, data analysis, and monitoring using internal platforms and technology.Qualifications:Minimum Qualifications:
- Portfolio Management: Demonstrated experience managing a portfolio of audits, with concurrent oversight and execution of multiple projects.
- Integrated Audits: Experience managing integrated audits that address a combination of financial/compliance and technology objectives.
- Professional interests: Passion for decoding compliance, products and standards. Strong critical thinking skills combined with the ability to provide a credible technical challenge to the business.
- Industry experience: Proven ability to work in a fast-paced environment with a product centric culture.
- Analytical skills: Proven analytical ability to assess complex technology environments against risk assessment outcomes, industry best practices, internal standards and external regulatory requirements.
- Communication skills: Strong written communication skills appropriate for executive reporting and presentation.
- Global Experience: Experience working in a global organization and managing projects across different time zones (America and EMEA).Preferred Qualifications:
- Experience: 5+ years of experience in compliance or compliance adjacent fields.
- Understanding of data protection and privacy frameworks (eg. GDPR).
- Ability to identify gaps in privacy controls and regulatory frameworks and provide risk-based recommendations for remediation.
- Knowledge of regulations, compliance testing methodologies, and risk management principles as it applies to fast growth technology companies.
- Experience of working at a startup company or tech/fintech company is a plus.
- Education: Bachelor's degree in law, risk, business or any other related field.
- Knowledge of external current and upcoming risk and controls frameworks such as DSA, DMA, EU AI Act, etc. is a plus but not essential.
- Certifications: Professional certifications such as CFE, CISA, CIA, CRISC, CRCM.