Senior Manager, Internal Audit IT
About the role
The Senior Manager, Internal IT & Security Audit leads Coinbase's global IT and security audit program. Reporting to the Head of Internal Audit, this role operates within an independent third line of defense accountable to the Audit Committee. Key responsibilities include owning the multi-year IT and security audit roadmap, leading a global team, shaping executive-level reporting, and partnering with technology and security leaders.
Responsibilities
- Own the end-to-end delivery of complex, cross-functional IT and security audits covering cloud infrastructure, security operations, identity and access management, data protection, vendor/third-party risk, and key products and services.
- Lead and develop a high-performing global team of internal auditors and co-sourced resources, setting goals, coaching talent, managing performance, and building succession pipelines across regions.
- Drive integrated assurance across the three lines of defense by partnering with first and second line risk, compliance, security, and technology teams to rationalize testing and maximize control coverage.
- Shape executive-level reporting on technology and security control effectiveness, distilling key themes, emerging risks, and root causes into clear materials for senior management, the Head of Internal Audit, and the Audit Committee.
- Partner with technology and security leadership across Engineering, Security, Infrastructure, and Product to provide independent challenge on major initiatives (e.g., cloud migrations, new product launches, architecture changes) without compromising third-line independence.
- Build continuous improvement into the audit function by driving adoption of data analytics, automation, and generative AI to modernize IT and security audit execution, including continuous monitoring and automated evidence retrieval.
Requirements
- 12+ years of experience in internal audit with deep focus on IT and information security, or in first-line / second-line technology/security roles with significant controls and audit exposure.
- Demonstrated success leading global, cross-functional IT audit portfolios spanning cloud, infrastructure, cybersecurity, and third-party risk across multiple regulatory jurisdictions (US, EMEA, APAC).
- Deep technical knowledge of cloud-based technology stacks, software development lifecycles, cloud security configurations, and enterprise IT operations risks and controls.
- Relevant professional certifications (e.g., CISA, CISSP, CIA, CPA) and working fluency with frameworks such as NIST, COBIT, and ITIL.
- Proven leadership experience building, mentoring, and managing global audit teams, including co-sourced resources and indirect reports across time zones.
- Utilizes generative AI responsibly, maintaining human oversight to deliver business-ready outputs and drive measurable improvements in workflow efficiency, cost, and quality.
Qualifications
- Experience with frameworks such as NIST, COBIT, and ITIL.
- Working fluency with relevant professional certifications (e.g., CISA, CISSP, CIA, CPA).
- Leadership experience building, mentoring, and managing global audit teams, including co-sourced resources and indirect reports across time zones.
- Utilizes generative AI responsibly, maintaining human oversight to deliver business-ready outputs and drive measurable improvements in workflow efficiency, cost, and quality.
Skills
- Generative AI responsible usage.
- Leadership in global audit teams.
- Technical expertise in cloud-based technology stacks, software development lifecycles, cloud security configurations, and enterprise IT operations risks and controls.
Benefits
Base salary varies by location (see range below). Total compensation may also include equity and bonus eligibility, and benefits (medical, dental, vision, 401(k)).
Pay
Annual base salary range (excluding equity and bonus): $201,365 USD - $236,900 USD
Schedule
Remote-first, with quarterly in-person working sessions called “surges.”