Associate, Technology And Security Internal Auditor

Summary

Join Gemini's Internal Audit team as an Associate, Technology and Security Internal Auditor. Reporting to Internal Audit Management, you will execute internal audits across Gemini’s Technology and Security departments, focusing on controls testing and evaluating the control environment. Collaborate with Risk, Compliance, and Security GRC departments on control testing and remediation activities. This role offers the opportunity to contribute to a modern Internal Audit department within the dynamic digital assets industry, managing and monitoring risks while partnering with business lines to enhance controls and processes. You will need strong attention to detail, problem-solving skills, and the ability to make quick decisions in a fast-paced environment. This position offers a competitive salary and benefits package.

Requirements

• 2+ years experience in an internal audit, risk management, and/or controls role, ideally from a Big 4 consulting firm, or other technology, financial services, or FinTech company
• Experience with auditing Technology and Security related controls in line with standard frameworks (e.g., ISO 27001, NIST, PCI, COBIT, ITIL, FFIEC)
• Previous experience in control identification, control description documentation, and control testing
• Ability to be flexible in a rapidly changing environment and "roll up sleeves" when priorities or project scopes change
• Ability to use data analytics and automation to perform audit activities
• Ability to effectively communicate with process owners and stakeholders related to internal audit expectations and findings that impact their business lines
• Strong written communication skills, including drafting control testing workpapers and issues identified
• Proven ability to meet audit budget and timeline constraints and to identify and escalate issues that may impact audit progress
• Strong organizational skills and proven ability to manage time amongst various activities and prioritize highest impact areas of focus
• Bachelor’s degree in Information Systems, Cybersecurity, Computer Science, Software Engineering, Accounting, Finance, Risk Management or related field, or commensurate work experience
• Experience using G Suite and audit workpaper management software

Responsibilities

• Execute internal audits in accordance with professional standards, company policies, and regulatory requirements. This primarily includes control testing and issue identification
• Track internal audit issues from identification to closure. Validate remediation activities to satisfy issue closure
• Evaluate methods to streamline audit approaches and methodologies, improve control testing activities, and enhance continuous monitoring
• Collaborate with the Risk, Compliance, and Security GRC departments on control testing activities and maintenance of the process, risk, and control library
• Build relationships with process owners and stakeholders to provide meaningful improvements as a result of issues identified during internal audits or during process development, while maintaining the independence of the 3rd Line of Defense
• Participate in the annual internal audit risk assessment process, including the scoring and documentation of risk ratings

Preferred Qualifications

Experience within DevOps and agile focused organizations is beneficial

Benefits

• Competitive starting salary
• A discretionary annual bonus
• Long-term incentive in the form of a new hire equity grant
• Comprehensive health plans
• 401K with company matching
• Paid Parental Leave
• Flexible time off
• In the United States, we have a flexible hybrid work policy for employees who live within 30 miles of our office headquartered in New York City and our office in Seattle