Back to Jobs
Canada; Ireland; United Kingdom Remote (Global) Full-time

Kraken is hiring a SOX Auditor - IT Controls Manager

Responsibilities

  • Lead the execution of independent testing of IT General Controls (ITGCs) across key control domains: access management, change management, and system operations.
  • Evaluate the design and operating effectiveness of IT controls across in-scope applications and infrastructure, including systems that support blockchain-native operations, digital asset custody, and crypto trading platforms.
  • Document testing procedures and results to meet Internal Audit and external auditor quality standards.
  • Identify new systems, applications, or process changes that emerge during testing and assess their SOX implications in coordination with the SOX Compliance team.
  • Build and maintain testing programs, templates, and workpapers that create a repeatable, scalable foundation for IT SOX testing.
  • Identify opportunities to leverage AI-enabled workflows and data analytics to improve testing coverage and efficiency across IT control domains.
  • Independently validate the remediation of open SOX findings, including material weaknesses and significant deficiencies, across ITGC control areas.
  • Evaluate control deficiencies by performing root cause analysis and assessing the severity and pervasiveness of exceptions to inform deficiency classification.
  • Assess whether management’s remediation actions are adequately designed and operating effectively before closing findings.
  • Track remediation progress, escalate delays or gaps, and report status to Internal Audit leadership and the Audit Committee as required.
  • Coordinate with the SOX Compliance team to ensure alignment on remediation expectations, timelines, and evidence requirements.
  • Serve as a trusted Internal Audit point of contact for IT control owners across Engineering, Infrastructure, Security, and IT Operations.
  • Bridge the gap between audit methodology and engineering culture — these teams speak a different language than accountants, and you need to be fluent in both.
  • Contribute to Internal Audit reporting to the Audit Committee, external auditor, and senior leadership on IT SOX testing coverage, findings, and remediation status.
  • Partner with the business process SOX tester and co-sourced resources to ensure coordinated testing coverage across the full SOX program.

Requirements

  • 8+ years of experience in IT audit, internal audit, external audit, or SOX compliance, with significant exposure to IT general controls testing.
  • Experience in crypto, fintech, payments, or technology-intensive environments with complex, rapidly evolving infrastructure.
  • CISA and CPA certifications required. Candidates with one certification who are actively pursuing the other will be considered.
  • Strong knowledge of ITGC frameworks, SOX compliance requirements, COSO, COBIT, and PCAOB auditing standards as they apply to IT controls.
  • Hands-on experience testing ITGCs across access management, change management, and system operations.
  • Technical fluency with enterprise technology environments — you don’t need to be an engineer, but you need to understand how systems, databases, and deployment pipelines work to effectively test the controls around them.
  • Understanding of how IT controls underpin the reliability of financial reporting — you can connect an ITGC failure to its downstream impact on business process controls and the financial statements.
  • Experience working with or alongside external auditors (Big 4 preferred) on SOX engagements.
  • Experience operating across multi-entity structures or multiple jurisdictions.
  • Effective communicator who can translate technical IT audit findings for control owners, engineering teams, senior leadership, and external stakeholders.

Nice to Have

  • Familiarity with blockchain infrastructure, digital asset custody systems, on-chain transaction processing, or crypto-native technology environments.
  • Experience with CI/CD pipelines, GitLab or similar version control systems, cloud infrastructure (AWS, GCP), and modern deployment practices.
  • Prior experience building or scaling an IT SOX testing program in a growth-stage or first-year SOX company.
  • Familiarity with audit management platforms such as AuditBoard or Workiva.
  • Familiarity with AI-assisted audit tools and willingness to adopt emerging technologies.

Additional Information

  • Applications are accepted on an ongoing basis unless a specific deadline is stated.
  • Applicants may redact or remove information on their resume identifying age, date of birth, or dates of attendance at or graduation from an educational institution.
  • Candidates with criminal histories are considered in accordance with the San Francisco Fair Chance Ordinance.
  • Payward hires based on merit and celebrates diverse talents, backgrounds, and perspectives.
  • Candidates who don't fully meet listed requirements are encouraged to apply, especially if passionate or knowledgeable about crypto.
  • Job-related skills or work-style assessments may be part of the hiring process and are applied consistently across similar positions.
  • Assessment results are considered alongside experience and interviews and are not the sole basis for employment decisions.
  • Equal opportunity employer: no discrimination or harassment based on race, ethnicity, age, gender identity, citizenship, religion, sexual orientation, disability, pregnancy, veteran status, or any other protected characteristic.
Required Skills
IT AuditFintechGitLab
About company
Kraken
Kraken is a cryptocurrency exchange building premium crypto products for experienced traders, institutions, and newcomers. The company is committed to industry-leading security, crypto education, and world-class client support through products like Kraken Pro, Desktop, Wallet, and Kraken Futures.
All jobs at Kraken Visit website
Job Details
Department Risk & Audit
Category other
Posted a month ago