Lead Coinbase's global IT and security audit program, owning the multi-year roadmap and delivering complex audits across cloud, infrastructure, and cybersecurity. Manage a global team and partner with engineering and security leadership.
201k – 237k
Remote12+ YOEOther
About the role
What you'll do
Own the end-to-end delivery of complex, cross-functional IT and security audits covering cloud infrastructure, security operations, identity and access management, data protection, vendor/third-party risk, and key products and services.
Lead and develop a high-performing global team of internal auditors and co-sourced resources, setting goals, coaching talent, managing performance, and building succession pipelines across regions.
Drive integrated assurance across the three lines of defense by partnering with first and second line risk, compliance, security, and technology teams to rationalize testing and maximize control coverage.
Shape executive-level reporting on technology and security control effectiveness, distilling key themes, emerging risks, and root causes into clear materials for senior management, the Head of Internal Audit, and the Audit Committee.
Partner with technology and security leadership across Engineering, Security, Infrastructure, and Product to provide independent challenge on major initiatives (e.g., cloud migrations, new product launches, architecture changes) without compromising third-line independence.
Build continuous improvement into the audit function by driving adoption of data analytics, automation, and generative AI to modernize IT and security audit execution, including continuous monitoring and automated evidence retrieval.
Required Skills & Experience
12+ years of experience in internal audit with deep focus on IT and information security, or in first-line / second-line technology/security roles with significant controls and audit exposure.
Demonstrated success leading global, cross-functional IT audit portfolios spanning cloud, infrastructure, cybersecurity, and third-party risk across multiple regulatory jurisdictions (US, EMEA, APAC).
Deep technical knowledge of cloud-based technology stacks, software development lifecycles, cloud security configurations, and enterprise IT operations risks and controls.
Relevant professional certifications (e.g., CISA, CISSP, CIA, CPA) and working fluency with frameworks such as NIST, COBIT, and ITIL.
Proven leadership experience building, mentoring, and managing global audit teams, including co-sourced resources and indirect reports across time zones.
Utilizes generative AI responsibly, maintaining human oversight to deliver business-ready outputs and drive measurable improvements in workflow efficiency, cost, and quality.
Skills
CisaCisspCiaCPANistCobitItilCloud InfrastructureCybersecurityIdentity And Access Management
Similar roles
Senior Manager, Procurement
AirtableSan Francisco, CA +2
Lead and mature Airtable's procurement function by owning complex software/SaaS/cloud negotiations, managing the vendor portfolio, partnering with Engineering/IT/Finance/Legal, and coaching a small team of specialists. Requires 8+ years procurement experience with deep expertise in high-stakes tech deal structuring.
201k – 289k
Hybrid8+ YOEOther
Senior Risk Strategist - Fraud
MercurySan Francisco, CA +2
Senior fraud strategist driving Mercury’s fraud program across payment rails and consumer banking. Combines data analysis, SQL, and cross-functional execution to design controls that reduce losses while protecting customer experience.
201k – 251k
Hybrid6+ YOEOther
Governance, Risk & Compliance Analyst
PerplexitySan Francisco, CA
Governance, Risk & Compliance Analyst responsible for implementing SOC2, ISO 27001, HIPAA and privacy regulations (GDPR/CCPA), building GRC tooling and audit processes, conducting risk assessments, and shaping AI regulatory policies. Requires 6+ years in audit/compliance, experience automating compliance with AI agents, and high-tech cloud-native background.
200k – 220k
On-site6+ YOEOther
Environmental Engineer, Data Center Design
FluidstackAustin, TX +3
Lead environmental due diligence, threatened and endangered species consultations, and multi-state permitting for 50GW+ data center builds. Requires hands-on experience with ESAs, CWA 404, NPDES, ESA Section 7/10, agency negotiations, and resolving natural resource constraints on aggressive timelines.
200k – 250k
Hybrid7+ YOEOther
Solar Lead
FluidstackAustin, TX
Own end-to-end solar strategy and deployment for multi-GW behind-the-meter generation to power AI data centers. Negotiate PPAs and offtake agreements, manage regulatory and interconnection processes, and quarterback cross-functional workstreams across numerous concurrent large-scale sites.