Compliance Internal Audit Lead - Privacy

gement consultant and internal controls resource.

• Subject Matter: Ability to grasp complex, home grown technology stack, comfortable speaking with legal and product teams; and be the go-to person on compliance topics such as Privacy & Data protection and regulatory frameworks. Understanding emerging compliance hot spots and build a robust framework to help manage changing compliance landscape.
• Compliance Assessment: Work closely with business partners, including product and legal compliance leaders, to assess complex regulatory frameworks and evaluate applicability across Bytedances suite of products.
• Audit Program Development: Collaborate with the Global Head of Compliance and peers to develop and implement an audit program for compliance and integrated audits, tailored to TikTok and ROW ByteDance products (example: Lemon8, CapCut, TikTok LIVE, TikTok Shop etc.).
• Quality Assurance: Ensure the overall quality and consistency of audit work, adhering to department and professional standards. Continuously seek opportunities for audit process improvement.
• Audit Techniques: Identify and develop audit techniques, including continuous auditing, data analysis, and monitoring using internal platforms and technology.

Qualifications

Minimum Qualifications:

• Portfolio Management: Demonstrated experience managing a portfolio of audits, with concurrent oversight and execution of multiple projects.
• Integrated Audits: Experience managing integrated audits that address a combination of financial/compliance and technology objectives.
• Professional interests: Passion for decoding compliance, products and standards. Strong critical thinking skills combined with the ability to provide a credible technical challenge to the business.
• Industry experience: Proven ability to work in a fast-paced environment with a product centric culture.
• Analytical skills: Proven analytical ability to assess complex technology environments against risk assessment outcomes, industry best practices, internal standards and external regulatory requirements.
• Communication skills: Strong written communication skills appropriate for executive reporting and presentation.
• Global Experience: Experience working in a global organization and managing projects across different time zones (America and EMEA).

Preferred Qualifications:

• Experience: 5+ years of experience in compliance or compliance adjacent fields.
• Understanding of data protection and privacy frameworks (eg. GDPR).
• Ability to identify gaps in privacy controls and regulatory frameworks and provide risk-based recommendations for remediation.
• Knowledge of regulations, compliance testing methodologies, and risk management principles as it applies to fast growth technology companies.
• Experience of working at a startup company or tech/fintech company is a plus.
• Education: Bachelor's degree in law, risk, business or any other related field.
• Knowledge of external current and upcoming risk and controls frameworks such as DSA, DMA, EU AI Act, etc. is a plus but not essential.
• Certifications: Professional certifications such as CFE, CISA, CIA, CRISC, CRCM.