Internal Audit IT Associate Manager

Join Coinbase as an Internal Audit IT Associate Manager to lead IT and security audits, mentor junior team members, and ensure compliance with regulatory requirements in a remote-first environment. Coinbase is a remote-first, but not remote-only company. Expect to get together quarterly for intense in-person working sessions called “surges.”

• •Own end-to-end execution of IT and security audits covering cloud infrastructure (AWS, GCP), application security, identity and access management, vendor/third-party risk, and blockchain-related products including wallets and cold storage.
• •Lead audit planning, fieldwork, and stakeholder management, synthesizing findings into evidence-based reports and presentations for senior leadership and the Audit Committee.
• •Direct and develop junior audit team members supporting your engagements, providing day-to-day guidance, reviewing workpapers, and coaching on technical and professional growth.
• •Drive continuous monitoring and validation of remediated audit findings, tracking management responses and flagging delays or emerging risk themes.
• •Partner with Engineering, Security, and IT leadership to identify control improvements and risk mitigation opportunities while preserving third-line independence and objectivity.
• •Build and maintain a current understanding of IT, security, and financial services regulatory requirements to assess their impact on Coinbase's control environment.

• •Base salary varies by location (see range below). Total compensation may also include equity and bonus eligibility, and benefits (medical, dental, vision, 401(k)).
• •Annual base salary range (excluding equity and bonus): $130,900 — $154,000 USD.

• •6+ years of experience in IT internal audit, information security audit, or first-line technology/security operations, with at least 1 year managing audit processes and staff.
• •Hands-on audit experience with cloud platforms (AWS, GCP), including IAM policies, security configurations, encryption, logging, and network architecture.
• •Working knowledge of audit and security frameworks such as NIST CSF, COBIT, SOC 2, or ITIL, with relevant certifications (CISA, CISSP, CIA, or CISM) preferred.
• •Proven ability to lead multiple concurrent audits across time zones and communicate technical findings clearly to both technical and non-technical stakeholders.
• •Familiarity with crypto, blockchain infrastructure, or financial services audit environments.
• •Utilizes generative AI responsibly, maintaining human oversight to deliver business-ready outputs and drive measurable improvements in workflow efficiency, cost, and quality.