Senior Tech Compliance Specialist
Coupang · South Korea
Company Introduction We exist to wow our customers. We know we're doing the right thing when we hear our customers say, "How did we ever live without Coupang?" Born out of an obsession to make shopping, eating, and living easier than ever, we're collectively disrupting the multi-billion-dollar e-commerce industry from the ground up. We are one of the fastest-growing e-commerce companies that established an unparalleled reputation for being a dominant and reliable force in South Korean commerce. Our mission to build the future of commerce is real. We push the boundaries of what's possible to solve problems and break traditional tradeoffs. Join Coupang now to create an epic experience in this always-on, high-tech, and hyper-connected world. Role Overview Compliance TPM role specializing in SOX IT General Controls (ITGC). This role will report to the Director of Tech Compliance and own multiple areas within IT compliance program driving a consistent and high-quality level of IT controls testing across all SOX applications - managing risks and vulnerabilities that impact the completeness and accuracy of our financial statements, engaging in depth with application owners on remediation and control adoption, and partnering with engineering leaders cross organizationally to enhance and scale the IT SOX program. Responsibilities
Compliance Program Management
Partner between Engineering & Corp IT for internal and external IT control audits, participate in IT walkthroughs, and assist management in responding to internal and external auditor requests relating to ITGCs, IT Application Controls (ITACs), and Key Reports, as necessary
Prioritize, scope and drive IT control initiatives across engineering organizations, manage and communicate project milestones to ensure successful delivery
Identify and manage compliance risks & gaps take precaution measures to mitigate the risk, unblock the program
Develop and drive short / long term strategic initiatives to enhance and scale IT SOX program effectiveness
Controls Design and Deficiencies
Design, implementation and ongoing monitoring of IT general controls across Coupang Engineering and Corporate IT systems and its subsidiaries, which may include design of relevant processes or technical infrastructure to support controls
Driving IT control deficiency remediation efforts, including conducting root cause analysis, impact analysis, identify mitigating controls, creating remediation plans and hands-on coordination with IT process owners ensuring the success of remediation activities
Perform quarterly IT deficiency evaluations in coordination with Finance.
Documentation
Documentation and management of ITGC narratives, Risk and Controls Matrix, and the inventory of SOX in-scope IT systems, applications, supporting tools, and financial data flow mapping and keep them up to date on a regular basis.
Ensure all ITGC Documentation, findings and audit requests are stored, collaborated on and accessible on the Company’s centralized SOX program management tool (Workiva)
Technical Knowledge
Develop an deep understanding of the company’s platform infrastructure and processes, including knowledge of risks to service-oriented technology architecture, and how those systems interact with Corporate IT systems for the purposes of financial reporting
Maintain an awareness of new and emerging IT risks, regulations and trends that impact technology controls and IT controls accordingly
Other Responsibilities
In partnership with Finance, Security, Engineering, and Corp IT teams, manage and remediate SOD conflicts identified in relevant financial reporting systems.
Maintain an inventory of SOX in-scope 3rd party service organizations, obtain, and evaluate SOC reports based on a defined frequency, document results, and lead remediation of any unmitigated risks.
Basic Qualifications
Bachelor’s degree computer sciences, mathematics, management/computer information systems, accounting, or related fields. MBA or relevant graduate degree preferred – can be replaced by experience
Around 12 years of related work experience in information technology SOX compliance, IT risk management, or related fields
Strong knowledge of Sarbanes-Oxley Section 404 (SOX) and IT General Controls
Professional auditing, security, or technology designation (e.g., CIA, CISA, CISSP, CISRM, etc.)
Knowledge of IT / Information Security risks and controls principles
Foundation in analyzing, problem determination, and resolving complex IT problems
Experienced with controls, or risk management with both enterprise applications and developed software, including:
Fluent English and Korean preferred
Other Key Attributes
Excellent written and oral communication
Ruthless Prioritization: self-directed and accountable with the ability to manage competing tasks within specified deadlines
Move with Urgency: proven track record driving tangible results on short deadlines
Comfortable with cross-team collaboration and communication
Ability to be collaborative and to encourage collaboration
Ability to positively influence others
Recruitment Process and Others
Recruitment Process
Application Review - Phone Interview - Onsite (or Virtual Onsite) Interview – Offer The exact nature of the recruitment process may vary according to the specific job and may be changed due to scheduling or other circumstances. Interview schedules and the results will be informed to the applicant via the e-mail address submitted at the application stage.
Things to Consider
This job posting may be closed prior to the stated end date for application if all openings are filled. Coupang has the right to rescind an offer of employment if a candidate is found to have submitted false information as part of the application process. Coupang does not discriminate against disabled applicants or those with veteran status. We are proud to offer equal opportunities for all applicants.
Privacy Notice
Your personal information will be collected and managed by Coupang as stated in the Application Privacy Notice located HERE.
Document Return Policy
This notification is given pursuant to Article 11 (6) of the Fair Hiring Procedure Act. A job applicant, who has applied but not been finally selected for a position at Coupang (the “Company”), may request the Company to return his/her hiring documents submitted pursuant to the Fair Hiring Procedure Act. However, this will not apply where the hiring documents were submitted via the website of the Company or e-mail, or where the job applicant submitted those documents voluntarily without a request from the Company. In addition, if the hiring documents were destroyed due to a natural disaster or any other reasons not attributable to the Company, such documents will be deemed to have been returned to the job applicant. A job applicant who wishes to request the return of his/her hiring documents pursuant to the main sentence of paragraph 2 above should fill out a “Request for Return of Hiring Documents” [Annex Form No. 3 in the Enforcement Rule of the Fair Hiring Procedure Act] and submit the request to the Company by email ([email protected]) In such case, within fourteen (14) days from the date of identifying the receipt of the request, the Company will send the hiring documents to the job applicant’s designated address via registered mail. Please be informed that the job applicant is required to pay the postage on the registered mail. In preparation for a job applicant’s request for the return of hiring documents pursuant to the main sentence of paragraph 2 above, the Company shall retain the original hiring documents submitted by the job applicant for 180 days from the completion of the recruiting process. If no request is made until the end of this period, all of his/her hiring documents will be destroyed immediately in accordance with the Personal Information Protection Act.
Equal Opportunities for All Coupang is an equal opportunity employer. Our unprecedented success could not be possible without the valuable inputs of our globally diverse team.