![\"logo\"](\"https://cms.jibecdn.com/prod/rivian/assets/HEADER-LOGO_IMG-en-us-1687333994246.svg\"){kind=logo}
Rivian is on a mission to keep the world adventurous forever. This goes for the emissions-free Electric Adventure Vehicles we build, and the curious, courageous souls we seek to attract.
\n\n
As a company, we constantly challenge what’s possible, never simply accepting what has always been done. We reframe old problems, seek new solutions and operate comfortably in areas that are unknown. Our backgrounds are diverse, but our team shares a love of the outdoors and a desire to protect it for future generations.
Role Summary
Rivian is looking for an objective, detail-oriented, and proficient information Technology Assurance Director. The Director’s primary responsibility is to protect the company’s assets by planning and completing information technology audits and special projects, recommends process improvements, provides independent, objective assurance and consulting services designed to review and appraise the soundness, adequacy, and application of governance, risk management, accounting, financial, operating, and administrative controls, as well as promoting a risk-based balance of cost and benefit in establishing an effective system of IT controls.
\n\n
Specific areas of audit focus include, but are not limited to, IT governance, IT general controls, Segregation of Duties; IT project management, IT infrastructure management, software development lifecycle, application security, application controls, emerging information security and cybersecurity risk, cloud architecture and controls related to applications hosted in the cloud, data lifecycle management, data privacy, disaster recovery and business continuity.
Responsibilities
- \n
- Supports the Head of Internal Audit with the development of audit methodology, policy and procedures aligned with recognized standards and guidance, and based on best practices; management of Internal Audit team’s activities; and preparation of various Internal Audit reports, including but not limited to presentation to the Audit Committee and other stakeholders. \n
- Participates in Internal Audit strategic planning activities to develop both short and long-term departmental initiatives that create efficiencies and effectiveness and provide overall value to \n
- Develop and implement an annual budget for the area of responsibility that supports the audit plan. \n
- Maintains a current understanding of RIvian’s strategic initiatives, policies and procedures (including operating systems, networks and application processing environments and information security issues), as well as industry “best-practices” and emerging trends of the IT and Security control environments in order to assess how these may impact Internal Audit’s IT and Security-related audit activities. \n
- Establish partnerships with business leaders and ensure that audit processes are aligned with strategic direction through the development of an appropriate risk assessment process supporting the development of the rolling audit plan and execution of audits in alignment with the approved audit plan. \n
- Participates in the development of a flexible rolling risk-based audit plan with inputs resulting from the annual risk assessment \n
- Plans, executes, and reports on IT and Security-related audit projects that are new or complex. When necessary, identifies and analyzes risks, prioritizes, and plans the audit work (that includes development of audit scope and risks, controls, and test work program), conducts audit interviews, observes operations, documents and analyzes procedures and controls, performs audit tests, prepares appropriate work papers, develops audit recommendations, reviews them with appropriate management, and prepares audit deliverables. This includes identifying process improvement and cost saving opportunities, assists in the issue management, remediation process, and conducts follow throughs. \n
- Responsible for managing staff, including hiring, goal setting, planning and delegation of work, training and development, coaching, and conducts annual performance reviews with established deadlines. \n
- Participate in pre-implementation of the new ERP project, including identification and design of relevant business processes and controls to automate. \n
- Assists in the acquisition and maintenance of audit tools for the Internal Audit Department and use of automation as well as application of new technologies such as data analytics, etc. \n
- Facilitates a work environment that fosters and supports ethical decision-making and actions by motivating, promoting and modeling ethical behavior, as well as executing job responsibilities in accordance with Rivian’s core values, ethics, and policies and procedures. \n
- Establish techniques to discover and prevent fraud and identify anti-fraud criteria and controls. \n
- Coordinates IT and Security-related activities with external auditors and assures maximum reliance on work performed, and if applicable, coordinates with relevant regulators. \n
- Ensures the overall quality, consistency, risk management and adherence to IA policies and procedures, IIA Standards, and regulatory requirements. \n
- Sustains professional and technical knowledge with the idea of expanding this knowledge, personal growth and development through continuing professional education efforts. The increased knowledge may occur through attendance at external trainings, seminars, webinars, conferences, as well as reviewing professional publications, establishing personal networks and participating in professional organizations. \n
Qualifications
- \n
- Master’s degree in Accounting, Information Technology, or Management Information Systems. \n
- 12+ years of experience required, with Big 4 experience strongly preferred \n
- Demonstrated knowledge, skills, and expertise in the specialized field of IT auditing including, but not limited to, IT governance, IT general controls, IT project management, IT infrastructure management, software development lifecycle, ERP audits, application security, emerging information security and cybersecurity risk, cloud architecture and controls related to applications hosted in the cloud, data lifecycle management, data privacy, disaster recovery and business resumption, and other technology risks, and as well as IT infrastructure including databases, networks, and operating systems. \n
- A minimum of three of the following (or an equivalent) Professional certification is required: Certified Internal Auditor (CIA), Certified information System Auditor (CISA), Certified Public Accountant (CPA), Certified in Risk and Information Systems Control (CRISC) \n
- Expertise in auditing concepts, approaches, tools and techniques; risks and controls; IT and Security concepts, standards, frameworks and best practices. \n
- Experience leading end-to-end IT and Information Security (IS) related engagements and serving as a primary liaison for the IA Department when dealing with external auditors and regulatory agencies on IT and IS-related audit activities. \n
- Comprehensive knowledge and experience in developing IT and IS risk-based audit work programs and performing risk-based auditing with strong project management skills required \n
- Experience with SAP or other leading ERP system is required. \n
- Strong verbal and written communication skills with a demonstrated ability to articulate effectively and professionally with all levels of management and Internal Audit personnel as well as external auditor. \n
- Must be a team player. Ability to multi-task and prioritize. \n
- Knowledge of leading internal control and risk management practices and standards and the ability to perform detailed risk assessments. \n
- Demonstrated leadership ability. \n
- Ability to work at all levels of organizations, as well as to develop and to maintain effective working relationships with others, to include senior management and Executive Leadership. \n
- Possess professional expertise as well as strong analytical and technical skills to evaluate highly complex and diverse IT systems while maintaining the ability to understand and relate to the risks to the organization's overall enterprise risk profile. \n
- In practicing data analysis, experience using computer-assisted audit techniques, a plus. \n
- Strong proficiency in the Microsoft Office Suite of products (especially Word, Excel, PowerPoint). \n
- High ethical standards with ability to handle confidential / sensitive issues and information with the highest degree of professional responsibility. \n
- Experience working in a manufacturing environment strongly preferred \n
- Knowledge of process flow mapping, design and documentation of business process and general information technology controls, controls testing, evaluation of control deficiencies, and remediation plans required \n
- Proficient project management skills \n
- Detail-oriented and exceptionally organized \n
- Ability to critically think through complex problems, determine proper processes, and derive conclusions to present results to the team \n
- Ability to multitask, prioritize, and manage projects/tasks in a fast-paced environment \n
Equal Opportunity
\nRivian is an equal opportunity employer and complies with all applicable federal, state, and local fair employment practices laws. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, ancestry, sex, sexual orientation, gender, gender expression, gender identity, genetic information or characteristics, physical or mental disability, marital/domestic partner status, age, military/veteran status, medical condition, or any other characteristic protected by law.
\n\n
Rivian is committed to ensuring that our hiring process is accessible for persons with disabilities. If you have a disability or limitation, such as those covered by the Americans with Disabilities Act, that requires accommodations to assist you in the search and application process, please email us at candidateaccommodations@rivian.com.
\nCandidate Data Privacy
\nRivian may collect, use and disclose your personal information or personal data (within the meaning of the applicable data protection laws) when you apply for employment and/or participate in our recruitment processes (“Candidate Personal Data”). This data includes contact, demographic, communications, educational, professional, employment, social media/website, network/device, recruiting system usage/interaction, security and preference information. Rivian may use your Candidate Personal Data for the purposes of (i) tracking interactions with our recruiting system; (ii) carrying out, analyzing and improving our application and recruitment process, including assessing you and your application and conducting employment, background and reference checks; (iii) establishing an employment relationship or entering into an employment contract with you; (iv) complying with our legal, regulatory and corporate governance obligations; (v) recordkeeping; (vi) ensuring network and information security and preventing fraud; and (vii) as otherwise required or permitted by applicable law.
\n\n
Rivian may share your Candidate Personal Data with (i) internal personnel who have a need to know such information in order to perform their duties, including individuals on our People Team, Finance, Legal, and the team(s) with the position(s) for which you are applying; (ii) Rivian affiliates; and (iii) Rivian’s service providers, including providers of background checks, staffing services, and cloud services.
\n\n
Rivian may transfer or store internationally your Candidate Personal Data, including to or in the United States, Canada, the United Kingdom, and the European Union and in the cloud, and this data may be subject to the laws and accessible to the courts, law enforcement and national security authorities of such jurisdictions.
\n\n
Please note that we are currently not accepting applications from third party application services.
