Risk

• Lead IT initiatives to support the SOX roadmap and advance program maturity
• Assist with scoping of IT systems and create and deliver training to owners in preparation for SOX audit
• Lead the development of SOC 1 reports in coordination with cross functional stakeholders
• Coordinate SOC 1 audits, respond to external auditor requests, coordinate management responses, and prepare reporting
• Lead and perform security control gap assessments over IT control environment and design and track remediation efforts to completion
• Assess SOX implications of new products, update relevant controls, and communicate requirements to product organization and other stakeholders
• Perform impact analysis for control deficiencies identified over SOX environment and partner with owning teams to design remediation plans
• Provide ongoing reporting to stakeholders and leadership and communicate progress and escalations
• Build close relationships with Security, IT, Infrastructure, Engineering, Data, and Finance to advise on SOX requirements and ensure excellence in control ownership
• Create and improve procedural documentation, including process documentation, data flow diagrams, and uplifting control narrative templates
• Work closely with internal and external auditors to educate them about a complex technology control environment
• Oversee quality of audit initiatives, identify and analyze process gaps, and provide guidance and expertise to team members
• Develop creative solutions to prove risk mitigation and solve for complex audit problems faced by the crypto industry
• Identify opportunities to address systemic program challenges, recommend solutions and drive issue resolution
• Assist in implementation to automate the audit evidence collection process via AuditBoard.

Risk and Internal Controls Analyst

Job Level

Tech Stack

About the role

Requirements

Analyst, Tech Controls

IT Security Analyst

Senior IT SOX Auditor

CyberArk Engineer

Team Lead – Information Security Governance