Director Internal Audit Technology

• Participates in Internal Audit strategic planning activities to develop both short and long-term departmental initiatives that create efficiencies and effectiveness and provide overall value to
• Participates in the development of a flexible rolling risk-based audit plan with inputs resulting from the annual risk assessment
• Ensures the overall quality, consistency, risk management and adherence to IA policies and procedures, IIA Standards, and regulatory requirements.
• Coordinates IT and Security-related activities with external auditors and assures maximum reliance on work performed, and if applicable, coordinates with relevant regulators.
• Responsible for managing staff, including hiring, goal setting, planning and delegation of work, training and development, coaching, and conducts annual performance reviews with established deadlines.
• Establish techniques to discover and prevent fraud and identify anti-fraud criteria and controls.
• Plans, executes, and reports on IT and Security-related audit projects that are new or complex. When necessary, identifies and analyzes risks, prioritizes, and plans the audit work (that includes development of audit scope and risks, controls, and test work program), conducts audit interviews, observes operations, documents and analyzes procedures and controls, performs audit tests, prepares appropriate work papers, develops audit recommendations, reviews them with appropriate management, and prepares audit deliverables. This includes identifying process improvement and cost saving opportunities, assists in the issue management, remediation process, and conducts follow throughs.
• Maintains a current understanding of RIvian’s strategic initiatives, policies and procedures (including operating systems, networks and application processing environments and information security issues), as well as industry “best-practices” and emerging trends of the IT and Security control environments in order to assess how these may impact Internal Audit’s IT and Security-related audit activities.
• Participate in pre-implementation of the new ERP project, including identification and design of relevant business processes and controls to automate.
• Sustains professional and technical knowledge with the idea of expanding this knowledge, personal growth and development through continuing professional education efforts. The increased knowledge may occur through attendance at external trainings, seminars, webinars, conferences, as well as reviewing professional publications, establishing personal networks and participating in professional organizations.
• Facilitates a work environment that fosters and supports ethical decision-making and actions by motivating, promoting and modeling ethical behavior, as well as executing job responsibilities in accordance with Rivian’s core values, ethics, and policies and procedures.
• Develop and implement an annual budget for the area of responsibility that supports the audit plan.
• Supports the Head of Internal Audit with the development of audit methodology, policy and procedures aligned with recognized standards and guidance, and based on best practices; management of Internal Audit team’s activities; and preparation of various Internal Audit reports, including but not limited to presentation to the Audit Committee and other stakeholders.
• Assists in the acquisition and maintenance of audit tools for the Internal Audit Department and use of automation as well as application of new technologies such as data analytics, etc.
• Establish partnerships with business leaders and ensure that audit processes are aligned with strategic direction through the development of an appropriate risk assessment process supporting the development of the rolling audit plan and execution of audits in alignment with the approved audit plan.

• Knowledge of process flow mapping, design and documentation of business process and general information technology controls, controls testing, evaluation of control deficiencies, and remediation plans required
• Comprehensive knowledge and experience in developing IT and IS risk-based audit work programs and performing risk-based auditing with strong project management skills required
• Proficient project management skills
• Demonstrated leadership ability.
• Possess professional expertise as well as strong analytical and technical skills to evaluate highly complex and diverse IT systems while maintaining the ability to understand and relate to the risks to the organization's overall enterprise risk profile.
• Experience working in a manufacturing environment strongly preferred
• Ability to multitask, prioritize, and manage projects/tasks in a fast-paced environment
• Demonstrated knowledge, skills, and expertise in the specialized field of IT auditing including, but not limited to, IT governance, IT general controls, IT project management, IT infrastructure management, software development lifecycle, ERP audits, application security, emerging information security and cybersecurity risk, cloud architecture and controls related to applications hosted in the cloud, data lifecycle management, data privacy, disaster recovery and business resumption, and other technology risks, and as well as IT infrastructure including databases, networks, and operating systems.
• In practicing data analysis, experience using computer-assisted audit techniques, a plus.
• Ability to critically think through complex problems, determine proper processes, and derive conclusions to present results to the team
• 12+ years of experience required, with Big 4 experience strongly preferred
• Ability to work at all levels of organizations, as well as to develop and to maintain effective working relationships with others, to include senior management and Executive Leadership.
• Experience leading end-to-end IT and Information Security (IS) related engagements and serving as a primary liaison for the IA Department when dealing with external auditors and regulatory agencies on IT and IS-related audit activities.
• Expertise in auditing concepts, approaches, tools and techniques; risks and controls; IT and Security concepts, standards, frameworks and best practices.
• Strong verbal and written communication skills with a demonstrated ability to articulate effectively and professionally with all levels of management and Internal Audit personnel as well as external auditor.
• Strong proficiency in the Microsoft Office Suite of products (especially Word, Excel, PowerPoint).
• Experience with SAP or other leading ERP system is required.
• Must be a team player. Ability to multi-task and prioritize.
• High ethical standards with ability to handle confidential / sensitive issues and information with the highest degree of professional responsibility.
• A minimum of three of the following (or an equivalent) Professional certification is required: Certified Internal Auditor (CIA), Certified information System Auditor (CISA), Certified Public Accountant (CPA), Certified in Risk and Information Systems Control (CRISC)
• Knowledge of leading internal control and risk management practices and standards and the ability to perform detailed risk assessments.
• Detail-oriented and exceptionally organized
• Master’s degree in Accounting, Information Technology, or Management Information Systems.

Equal Opportunity

Candidate Data Privacy