Internal Audit Senior, IT

Internal Audit Senior, ITReady to be pushed beyond what you think you're capable of? At Coinbase, our mission is to increase economic freedom in the world. It's a massive, ambitious opportunity that demands the best of us, every day, as we build the emerging onchain platform and with it, the future global financial system. To achieve our mission, we're seeking a very specific candidate. We want someone who is passionate about our mission and who believes in the power of crypto and blockchain technology to update the financial system. We want someone who is eager to leave their mark on the world, who relishes the pressure and privilege of working with high caliber colleagues, and who actively seeks feedback to keep leveling up. We want someone who will run towards, not away from, solving the company's hardest problems. Our work culture is intense and isn't for everyone. But if you want to build the future alongside others who excel in their disciplines and expect the same from you, there's no better place to be. While many roles at Coinbase are remote-first, we are not remote-only. In-person participation is required throughout the year. Team and company-wide offsites are held multiple times annually to foster collaboration, connection, and alignment. Attendance is expected and fully supported.Coinbase is looking for an Internal Audit Senior, IT to join the Internal Audit team focusing primarily on global IT and security related audits. This role is based in the US (Remote) and will be reporting to an Internal Audit IT Senior Manager. The individual will be responsible for executing all aspects of audits, providing independent testing and audit coverage of technology, products and information security globally at Coinbase. This includes coverage over information and cyber security areas, infrastructure, platforms and applications, and governance over information technology and security. The individual has audit experience within one of the following areas: Information Security, IT governance, risk management or application security.What You'll Be DoingAs a part of a global internal audit team and working closely with the global IT audit portfolio, develop next generation audit practices to maintain a best-in-class global internal audit function. In depth understanding of local global regulatory requirements as it pertains to information technology, security and overall financial services applicable to Coinbase. Responsible for supporting Coinbase's internal audit plan through the execution of information technology and security related audits from beginning to end. Key activities include audit planning, stakeholder management, fieldwork execution, reporting and validation of remediated audit findings. Develop audit reports on the effectiveness of the internal control structure for an executive level audience, ensuring reported findings are appropriately documented and supported by evidence. Develop customized and valuable solutions to issues identified during the course of audits performed. Manage and support internal audit staff and perform ad-hoc investigations/audits/reviews as required. Responsible for tracking and evaluating the adequacy and timeliness of management's response and the corrective action taken on internal audit findings, including validation of remediation activities. Remain current and increase knowledge of regulatory requirements that impact the organization, as well as in the areas of internal control, technology, security, business, company products and company information. Assist in the preparation of internal audit materials for the Audit Committee and Board of Directors. Validate the effectiveness of control function by leading periodic control certifications for all documented controls. Establish and maintain trusted relationships with business unit management across all levels. Work closely with both first and second lines of defense to maximize meetings utility, testing efficiencies and internal controls review coverage across the organization. Serve as a value-add and advisory function to business partners by identifying ways to address audit findings or opportunities for enhancements with the goal of mitigating risk and improving technology, security, and operational performance without compromising 3rd Line of Defense independence and objectivity. Assist with responses to regulatory inquiries as they relate to internal audit matters. Communicate with and educate process owners effectively, including non-finance individuals, on the importance of controls, an effective control environment, and the role of Internal Auditor. Promote new ideas / innovative means of executing projects and internal infrastructure enhancements focused on process or technology improvements.What We Look For In YouBachelor's degree in computer science/management information systems or related information technology or security fields and/or accounting or related fields. 4+ years of experience in internal audit with a heavy focus on technology, information technology and information security audit; or experience in first line, operational, technology, software development, and security fields. Excellent understanding of cloud based technology stack, software and application development lifecycle, cloud configurations and security services, and overall an enterprise technology stack operations, maintenance and oversight risks and controls. Proven project management skills with the ability to juggle multiple responsibilities and deadlines. Solid analytical and problem solving skills, with high standards for quality, accuracy and attention to detail. Excellent written and verbal communication skills. Self-driven, ability to work independently and in a team environment. Experience working in a fast paced organization. Excellent understanding of data analysis techniques. Demonstrated proficiency in Google Suite or MS Excel, Word and PowerPoint. Basic scripting experience in coding languages such as Python, Ruby, etc.Nice To HavesProfessional Internal Audit / IT / Security qualification (e.g., CISA, CFE, etc.) or comprehensive working knowledge of the Chartered Institute of Internal Auditor practice. Understanding of international regulatory requirements as it pertains to information technology and security. Understanding of crypto, payments and/or financial services industry and experience in auditing information systems and controls. Entrepreneurial attitude and experience with, or the ability to adapt to, a rapidly growing start-up with associated complexities and ambiguities. Experience working with/in an out-sourced or co-sourced internal audit function. Ability to work across functions and time zones.