As the
Senior Manager, Internal IT & Security Audit, you'll lead Coinbase's global IT and security audit program. Reporting to the Head of Internal Audit, you will operate within an independent third line of defense that maintains functional accountability to the Audit Committee. You'll own the multi-year IT and security audit roadmap, ensuring coordinated coverage across all regions (US, EMEA, UK, APAC) and alignment with Coinbase's enterprise risk profile and regulatory expectations. Your leadership will directly strengthen how Coinbase identifies, evaluates, and mitigates technology and security risks across the organization.
What you'll do: - Own the end-to-end delivery of complex, cross-functional IT and security audits covering cloud infrastructure, security operations, identity and access management, data protection, vendor/third-party risk, and key products and services.
- Lead and develop a high-performing global team of internal auditors and co-sourced resources, setting goals, coaching talent, managing performance, and building succession pipelines across regions.
- Drive integrated assurance across the three lines of defense by partnering with first and second line risk, compliance, security, and technology teams to rationalize testing and maximize control coverage.
- Shape executive-level reporting on technology and security control effectiveness, distilling key themes, emerging risks, and root causes into clear materials for senior management, the Head of Internal Audit, and the Audit Committee.
- Partner with technology and security leadership across Engineering, Security, Infrastructure, and Product to provide independent challenge on major initiatives (e.g., cloud migrations, new product launches, architecture changes) without compromising third-line independence.
- Build continuous improvement into the audit function by driving adoption of data analytics, automation, and generative AI to modernize IT and security audit execution, including continuous monitoring and automated evidence retrieval.
Required Skills & Experience:- 12+ years of experience in internal audit with deep focus on IT and information security, or in first-line / second-line technology/security roles with significant controls and audit exposure.
- Demonstrated success leading global, cross-functional IT audit portfolios spanning cloud, infrastructure, cybersecurity, and third-party risk across multiple regulatory jurisdictions (US, EMEA, APAC).
- Deep technical knowledge of cloud-based technology stacks, software development lifecycles, cloud security configurations, and enterprise IT operations risks and controls.
- Relevant professional certifications (e.g., CISA, CISSP, CIA, CPA) and working fluency with frameworks such as NIST, COBIT, and ITIL.
- Proven leadership experience building, mentoring, and managing global audit teams, including co-sourced resources and indirect reports across time zones.
- Utilizes generative AI responsibly, maintaining human oversight to deliver business-ready outputs and drive measurable improvements in workflow efficiency, cost, and quality.
Req ID: #P76564
#LI-Remote
Pay Transparency Notice:Base salary varies by location (see range below). Total compensation may also include equity and bonus eligibility, and benefits (medical, dental, vision, 401(k)).
Annual base salary range (excluding equity and bonus):
$201,365-$236,900 USD
Please be advised that each candidate may submit a maximum of four applications within any 30-day period. We encourage you to carefully evaluate how your skills and interests align with Coinbase's roles before applying.
