IT Internal Audit Manager

Ready to be pushed beyond what you think you’re capable of?

At Coinbase, our mission is to increase economic freedom in the world. It’s a massive, ambitious opportunity that demands the best of us, every day, as we build the emerging onchain platform — and with it, the future global financial system.

To achieve our mission, we’re seeking a very specific candidate. We want someone who is passionate about our mission and who believes in the power of crypto and blockchain technology to update the financial system. We want someone who is eager to leave their mark on the world, who relishes the pressure and privilege of working with high caliber colleagues, and who actively seeks feedback to keep leveling up. We want someone who will run towards, not away from, solving the company’s hardest problems.

Our work culture is intense and isn’t for everyone. But if you want to build the future alongside others who excel in their disciplines and expect the same from you, there’s no better place to be.

While many roles at Coinbase are remote-first, we are not remote-only. In-person participation is required throughout the year. Team and company-wide offsites are held multiple times annually to foster collaboration, connection, and alignment. Attendance is expected and fully supported.

Coinbase is looking for an Internal Audit IT Manager to join the Internal Audit team focusing primarily on EMEA IT and security related audits. This role will be hybrid in Luxembourg and will be reporting to an Internal Audit IT Senior Manager. The individual will be responsible for executing all aspects of audits, providing independent testing and audit coverage of technology, products and information security globally at Coinbase. This includes coverage over information and cyber security areas, infrastructure, platforms and applications, and governance over information technology and security. The individual has audit experience within one of the following areas: Information Security, IT governance, risk management or application security.

What you’ll be doing

• As a part of a global internal audit team and working closely with the EMEA IT audit portfolio, develop next generation audit practices to maintain a best-in-class global internal audit function.
• In depth understanding of local EMEA regulatory requirements as it pertains to information technology, security and overall financial services applicable to Coinbase.
• Responsible for supporting Coinbase’s internal audit plan through the execution of information technology and security related audits from beginning to end. Key activities include audit planning, stakeholder management, fieldwork execution, reporting and validation of remediated audit findings.
• Develop audit reports on the effectiveness of the internal control structure for an executive level audience, ensuring reported findings are appropriately documented and supported by evidence.
• Develop customized and valuable solutions to issues identified during the course of audits performed.
• Manage and support internal audit staff and perform ad-hoc investigations/audits/reviews as required.
• Responsible for tracking and evaluating the adequacy and timeliness of management's response and the corrective action taken on internal audit findings, including validation of remediation activities.
• Remain current and increase knowledge of regulatory requirements that impact the organization, as well as in the areas of internal control, technology, security, business, company products and company information.
• Assist in the preparation of internal audit materials for the Audit Committee and Board of Directors.
• Validate the effectiveness of control function by leading periodic control certifications for all documented controls.
• Establish and maintain trusted relationships with business unit management across all levels.
• Work closely with both first and second lines of defense to maximize meetings utility, testing efficiencies and internal controls review coverage across the organization.
• Serve as a value-add and advisory function to business partners by identifying ways to address audit findings or opportunities for enhancements with the goal of mitigating risk and improving technology, security, and operational performance without compromising 3rd Line of Defense independence and objectivity.
• Assist with responses to regulatory inquiries as they relate to internal audit matters.
• Communicate with and educate process owners effectively, including non-finance individuals, on the importance of controls, an effective control environment, and the role of Internal Auditor.
• Promote new ideas / innovative means of executing projects and internal infrastructure enhancements focused on process or technology improvements.

What we look for in you

• Bachelor's Degree in computer science/management information systems or related information technology or security fields and/or accounting or related fields.
• 7+ years of experience in internal audit with a heavy focus on technology, information technology and information security audit; or experience in first line, operational, technology, software development, and security fields. Excellent understanding of cloud based technology stack, software and application development lifecycle, cloud configurations and security services, and overall an Enterprise technology stack operations, maintenance and oversight risks and controls. 
• 1+ year of experience in an internal auditing manager position, managing processes and procedures
• Proven project management skills with the ability to juggle multiple responsibilities and deadlines.
• Solid analytical and problem solving skills, with high standards for quality, accuracy and attention to detail.
• Excellent written and verbal communication skills.
• Self-driven, ability to work independently and in a team environment.
• Experience working in a fast paced organization.
• Excellent understanding of data analysis techniques.
• Demonstrated proficiency in Google Suite or MS Excel, Word and PowerPoint.
• Basic scripting experience in coding languages such as Python, Ruby, etc. 

Nice to haves:

• Professional Internal Audit / IT / Security qualification (e.g., CISA, CFE, etc.) or comprehensive working knowledge of the Chartered Institute of Internal Auditor practice.
• Understanding of international regulatory requirements as it pertains to information technology and security.
• Understanding of crypto, payments and/or financial services industry and experience in auditing information systems and controls.
• Entrepreneurial attitude and experience with, or the ability to adapt to, a rapidly growing start-up with associated complexities and ambiguities.
• Experience working with/in an out-sourced or co-sourced internal audit function.
• Ability to work across functions and time zones.

P69092

Pay Transparency Notice: The target annual salary for this position can range as detailed below. Full time offers from Coinbase also include target bonus + target equity + benefits.

Please be advised that each candidate may submit a maximum of four applications within any 30-day period. We encourage you to carefully evaluate how your skills and interests align with Coinbase's roles before applying.

Commitment to Equal Opportunity

Coinbase is committed to diversity in its workforce and is proud to be an Equal Opportunity Employer.  All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, sex, gender expression or identity, sexual orientation or any other basis protected by applicable law. Coinbase will also consider for employment qualified applicants with criminal histories in a manner consistent with applicable federal, state and local law.  For US applicants, you may view the Know Your Rights notice here.  Additionally, Coinbase participates in the E-Verify program in certain locations, as required by law. 

Coinbase is also committed to providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please contact us at accommodations[at]coinbase.com to let us know the nature of your request and your contact information.  For quick access to screen reading technology compatible with this site click here to download a free compatible screen reader (free step by step tutorial can be found here).

Global Data Privacy Notice for Job Candidates and Applicants

Depending on your location, the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) may regulate the way we manage the data of job applicants. Our full notice outlining how data will be processed as part of the application procedure for applicable locations is available here. By submitting your application, you are agreeing to our use and processing of your data as required. For US applicants only, by submitting your application you are agreeing to arbitration of disputes as outlined here.