Technology Internal Audit Manager

Summary

Join Marqeta as the Technology Internal Audit Manager to lead the execution of the SOX IT compliance program and safeguard the integrity of technology operations supporting financial reporting. Manage aspects of the IT SOX auditing program, including planning, execution, issue evaluation, and coordination with external auditors and internal stakeholders. Collaborate cross-functionally to assess and enhance the effectiveness of Marqeta’s IT control environment, identify emerging risks, and provide strategic insights. Oversee the work of co-sourced resources and take ownership of program execution and continuous improvement. This role offers flexibility, allowing remote work anywhere in the US or from the Oakland, CA office. The position requires a strong background in IT audit and SOX compliance, with experience in risk assessment and internal controls testing, preferably within FinTech or a technology-driven industry.

Requirements

• An experienced IT audit professional with 6+ years of progressive responsibility in SOX IT compliance, IT risk assessment, and internal controls testing—preferably within the FinTech space or other highly technology-driven industries
• Proficient in managing end-to-end SOX ITGC, SOC1 reviews, key reports, and automated control testing cycles, with deep expertise in Identity and Access Management (IAM), Change Management, Backup/Recovery, and IT Operations across home grown, traditional, and cloud-native systems
• Skilled in evaluating control effectiveness in cloud-based environments (e.g., AWS, Azure) and DevOps pipelines, with a sharp eye for identifying SOX-relevant risks across dynamic technical infrastructure
• Well-versed in applying frameworks like COSO, COBIT, and NIST, ensuring IT control environments meet both compliance and audit standards
• A strong communicator and program driver, capable of translating technical risks into clear, actionable insights for senior leadership, external auditors, and cross-functional teams
• Highly organized, detail-oriented, and confident in owning the delivery of the SOX IT testing program, while continuously seeking opportunities to enhance its efficiency and maturity

Responsibilities

• Lead and manage the SOX IT compliance program, including the scoping, planning, execution, and documentation of ITGC testing across Marqeta’s critical financial systems and supporting infrastructure
• Assess the design and operating effectiveness of SOX-relevant IT controls in accordance with PCAOB standards, and ensure alignment with frameworks such as COSO and COBIT
• Collaborate closely with IT, Security, Engineering, and Finance teams to validate control ownership, assess risk, spot emerging technologies, and drive timely remediation of deficiencies
• Identify risks related to change management, access provisioning, IT operations, system development, and third-party hosted environments, particularly in cloud-based and DevOps ecosystems
• Coordinate directly with external auditors to support SOX walkthroughs, testing cycles, and issue resolution, acting as the primary liaison for IT audit matters
• Provide clear, executive-ready reporting on SOX control effectiveness, audit findings, and remediation status to senior leadership and key stakeholders
• Drive continuous improvement of the SOX IT program by enhancing control automation, streamlining evidence collection, and supporting the maturity of compliance capabilities

Preferred Qualifications

• Professional certifications such as CISA (Certified Information Systems Auditor), CISM (Certified Information Security Manager), CIA (Certified Internal Auditor), or CISSP (Certified Information Systems Security Professional)
• Strong project and/or program management skills, with a proven ability to manage audit timelines, coordinate cross-functional stakeholders, and drive complex SOX initiatives to completion
• Background with Big 4 accounting firms or top IT consulting firms, showcasing strong foundational experience in IT audit methodologies, SOX compliance (SOX 404), and risk-based audit planning
• Advanced knowledge of DevOps tools (e.g., Jenkins, GitHub, Kubernetes), secure software development life cycle (SSDLC), and identity management solutions for evaluating control design and implementation
• Familiarity with automated audit tools, data analytics, and platforms such as AuditBoard to enhance the efficiency and accuracy of audit activities
• Experienced in diagraming complex IT environments or processes

Benefits

• Multiple health insurance options
• Flexible time off – take what you need
• Retirement savings program with company contribution and after tax contributions
• Equity in a publicly-traded company and an Employee Stock Purchase Program
• Family-forming benefits, fertility support, and up to 20 weeks of Parental Leave
• Free therapy sessions, financial and professional coaching, and legal advice
• Monthly stipend to support our remote work model
• Annual “development dollars” to support our people growth and development