Kraken - SOX Auditor

• 8+ years of experience in IT audit, internal audit, external audit, or SOX compliance, with significant exposure to IT general controls testing. • Experience in crypto, fintech, payments, or technology-intensive environments with complex, rapidly evolving infrastructure. • CISA and CPA certifications required. Candidates with one certification who are actively pursuing the other will be considered. • Strong knowledge of ITGC frameworks, SOX compliance requirements, COSO, COBIT, and PCAOB auditing standards as they apply to IT controls. • Hands-on experience testing ITGCs across access management, change management, and system operations. • Technical fluency with enterprise technology environments — you don’t need to be an engineer, but you need to understand how systems, databases, and deployment pipelines work to effectively test the controls around them. • Understanding of how IT controls underpin the reliability of financial reporting — you can connect an ITGC failure to its downstream impact on business process controls and the financial statements. • Experience working with or alongside external auditors (Big 4 preferred) on SOX engagements. • Experience operating across multi-entity structures or multiple jurisdictions. • Effective communicator who can translate technical IT audit findings for control owners, engineering teams, senior leadership, and external stakeholders. • Familiarity with blockchain infrastructure, digital asset custody systems, on-chain transaction processing, or crypto-native technology environments. • Experience with CI/CD pipelines, GitLab or similar version control systems, cloud infrastructure (AWS, GCP), and modern deployment practices. • Prior experience building or scaling an IT SOX testing program in a growth-stage or first-year SOX company. • Familiarity with audit management platforms such as AuditBoard or Workiva. • Familiarity with AI-assisted audit tools and willingness to adopt emerging technologies. • Unless a specific application deadline is stated in the job posting, applications are accepted on an ongoing basis. • Please note, applicants are permitted to redact or remove information on their resume that identifies age, date of birth, or dates of attendance at or graduation from an educational institution. • We consider qualified applicants with criminal histories for employment on our team, assessing candidates in a manner consistent with the requirements of the San Francisco Fair Chance Ordinance. • Kraken is powered by people from around the world and we celebrate all Krakenites for their diverse talents, backgrounds, contributions and unique perspectives. We hire strictly based on merit, meaning we seek out the candidates with the right abilities, knowledge, and skills considered the most suitable for the job. We encourage you to apply for roles where you don't fully meet the listed requirements, especially if you're passionate or knowledgable about crypto! • We may ask candidates to complete job-related skills or work-style assessments as part of our hiring process. These assessments are designed to evaluate competencies relevant to the role and are applied consistently across candidates for similar positions. Assessment results are considered alongside other relevant information, such as experience and interviews, and are not the sole basis for any employment decision.