Internal Audit - SOX Senior Manager

coinbaseRemotegreenhouse
Posted Date:

September 25, 2025

Employment Type:

Not specified

Work Arrangement:

Remote

Skills & Technologies

Finance & Accountingpreferred

Contact Information

Job Description

Ready to be pushed beyond what you think you’re capable of?

At Coinbase, our mission is to increase economic freedom in the world. It’s a massive, ambitious opportunity that demands the best of us, every day, as we build the emerging onchain platform — and with it, the future global financial system.

To achieve our mission, we’re seeking a very specific candidate. We want someone who is passionate about our mission and who believes in the power of crypto and blockchain technology to update the financial system. We want someone who is eager to leave their mark on the world, who relishes the pressure and privilege of working with high caliber colleagues, and who actively seeks feedback to keep leveling up. We want someone who will run towards, not away from, solving the company’s hardest problems.

Our work culture is intense and isn’t for everyone. But if you want to build the future alongside others who excel in their disciplines and expect the same from you, there’s no better place to be.

While many roles at Coinbase are remote-first, we are not remote-only. In-person participation is required throughout the year. Team and company-wide offsites are held multiple times annually to foster collaboration, connection, and alignment. Attendance is expected and fully supported.

The Coinbase Internal Audit is an independent, third line function that reports directly to the Coinbase Audit Committee. The purpose and mission of Internal Audit is to objectively evaluate and audit the effectiveness of governance, compliance, risk management, and control process. The in-house Coinbase Internal Audit team is responsible for strategic analysis, risk assessments, development of the audit plan, project management, quality review, report issuance and issue validation across IT and business functions. By executing all aspects of audits, including planning, walkthroughs, testing, deficiency remediation, and report writing in accordance with regulatory requirements, you'll play a key role in strengthening our position as the industry leader by evaluating the effectiveness of management’s ability to control potential events or threats and ultimately add value to all our stakeholders

What you’ll be doing (ie. job duties):

    • SOX & SOC Program Leadership (Third Line of Defense): As a key leader within the Internal Audit department (the third line of defense), you will lead, direct and own the company's SOX 404 and SOC (e.g., SOC 1, SOC 2) testing programs. This includes leading the annual and ongoing scoping, strategic resourcing, to ensure timely, accurate and comprehensive testing of all in-scope SOX and SOC controls. Strategically coordinate testing efforts with external auditors to maximize efficiency and ensure alignment on control assessments and findings.
    • IT Controls Oversight (ITGC & ITAC): Oversee the testing of IT General Controls (ITGCs) and IT Application Controls (ITACs), ensuring comprehensive coverage and assessment of IT-dependent financial reporting and operational processes. A strong understanding of both business process and IT controls is critical.
    • Cross-Functional Partnership & Stakeholder Management: Serve as the primary liaison with internal partners (e.g., Finance, Legal, IT, Security, and 2nd Line functions like Risk Management and Compliance) and external auditors. Strategically manage these relationships to coordinate audit controls testing, walkthroughs, and evidence gathering, driving initiatives to optimize audit processes and achieve significant efficiencies.
    • Operational Audit Execution & Oversight (Finance & Accounting): Spearhead and execute comprehensive, risk-based operational audits of the finance and accounting functions. This includes planning, scoping, fieldwork, identifying areas for process improvement, efficiency gains, risk mitigation, and reporting.
    • Impactful Audit Reporting & Recommendations: Develop and present impactful audit reports on SOX, SOC, and operational audit findings, detailing clear findings, risk implications, and pragmatic, actionable recommendations to senior management and relevant stakeholders. Partner with leadership to develop and monitor remediation plans.
  • Data Integrity & IUC/IPE Governance: Establish and enforce rigorous standards for the review and validation of Information Used in the Control (IUC) and Information Produced by the