The Senior IT Audit will report to the Rakuten USA Director/Head of Internal Audit and IT Audit Manager operationally, and will be a critical part of the Rakuten Americas Internal Audit Team. IT Senior Auditor will assist the IT Audit Manager in establishing an effective IT internal audit program including identifying, planning, organizing and executing audits that work towards Rakuten's goals and objectives. The position will have a key role in assessing the company's compliance with the requirements of the Japanese Sarbanes Oxley (JSOX) act as well as EU General Data Protection Regulation and California Consumers Protection Act. The position will be further called on to identify and implement Information Technology department process improvements.
- Responsible for planning and audit scope development, developing audit work program, organizing, and executing IT audit engagements to evaluate risk, determine control objectives, and verify the extent to which client techniques meet objectives.
- Interact with management, collaboratively with Information Security team and external auditors to assess audit findings including control weaknesses with an appropriate degree of professional skepticism.
- Assist in the development of the annual risk assessment and IT internal audit methodology.
- Assist in the development of audit strategies, best practices and utilization of relevant technology or audit tools.
- Inform audit management of current audit, prior year audit findings, and assist business partners with the development of Management Action Plans to mitigate weaknesses and evaluate adequacy of management's response and/or to ensure proper correction actions taken place to address prior year recommendations or findings.
- Maintain business relationships with appropriate levels of client management to ensure that audit management is aware of changes in business activities and objectives, and if necessary, audit responses is developed.
- Ensure audit work papers and reports are completed timely, logical, and organized to support conclusions and ready for audit management review.
- Perform other ad-hoc projects such as operational, financial, or relevant compliance audits and activities, as needed.
- Collaborate with Information Security, Compliance, Legal Teams to make technology and operations efficient, compliant, and secure while managing other broad business risks.
EDUCATION/EXPERIENCE REQUIREMENTS: (including certification, licenses, etc.)
- Bachelor's degree in information systems, Accounting or related business field
- 5+ years experience in Internal Audit, IT internal controls environment
- A professional certification such as CISA/CISM, CISSP, CPA and/or public accounting, professional services firm experience is preferred
- Experience with information security distributed operating systems, databases, network technology, cloud-based and virtualized environments, tokenized services.
- Experience evaluating system controls associated with complex operational and regulatory environment.
- Knowledge of SDLC, COBIT, ITIL, ISO, IT General Controls preferred
- Excellent communication skills in both written and verbal forms; previous experience in writing internal audit reports, preferred
- Travel up to approximately 30%
RAKUTEN SHUGI PRINCIPLES
Our worldwide practices describe specific behaviors that make Rakuten unique and united across the world. We expect Rakuten employees to model these 5 Shugi Principles of Success.
- Always improve, always advance. Only be satisfied with complete success - Kaizen.
- Be passionately professional. Take an uncompromising approach to your work and be determined to be the best.
- Hypothesize - Practice - Validate - Shikumika. Use the Rakuten Cycle to success in unknown territory.
- Maximize Customer Satisfaction. The greatest satisfaction for workers in a service industry is to see their customers smile.
- Speed!! Speed!! Speed!! Always be conscious of time. Take charge, set clear goals, and engage your team.