Building the Future of Crypto Kraken is a mission-focused company rooted in crypto values. As a Krakenite, you’ll join us on our mission to accelerate the global adoption of crypto, so that everyone can achieve financial freedom and inclusion. The team Payward’s Risk & Audit function operates as an Integrated Assurance organization, bringing together Internal Audit and Enterprise Risk Management under a unified risk oversight strategy. The function spans SOX Compliance, Enterprise Risk Management, and Internal Audit across multiple regulated entities and jurisdictions. The team partners with co-sourced providers, maintains direct reporting lines to the Global and Local Audit Committee Chairs, and is building a technology-forward assurance capability at the forefront of crypto and financial innovation. The opportunity You will lead Internal Audit’s business process SOX controls testing program, building the testing approach, workpapers, and institutional knowledge from the ground up. This is a hands‑on role with real program ownership and you’ll be doing it at a crypto exchange — where revenue includes digital asset trading, staking, and custody fees, where treasury manages both fiat and crypto assets, and the financial reporting landscape is evolving in real time. Responsibilities SOX business process controls testing Lead the execution of independent controls testing across business process areas including revenue, financial close, and treasury. Evaluate the design and operating effectiveness of key controls, document testing procedures and results, and ensure workpapers meet Internal Audit and external auditor quality standards. Validate the completeness and accuracy of Information Used in Controls (IUC) and Information Produced by the Entity (IPE), ensuring the reliability of data underpinning control performance. Build and maintain testing programs, templates, and workpapers that create a repeatable, scalable foundation for business process SOX testing. Identify opportunities to leverage AI-enabled workflows and data analytics to improve testing coverage and efficiency. Remediation validation & issue management Independently validate the remediation of open SOX findings, including material weaknesses and significant deficiencies, across business process control areas. Evaluate control deficiencies by performing root cause analysis and assessing the severity and pervasiveness of exceptions to inform deficiency classification. Assess whether management’s remediation actions are adequately designed and operating effectively before closing findings. Track remediation progress, elevate delays or gaps, and report status to Internal Audit leadership and the Audit Committee as required. Coordinate with the SOX Compliance team to ensure alignment on remediation expectations, timelines, and evidence requirements. Stakeholder engagement & reporting Serve as a trusted Internal Audit point of contact for business process control owners across Finance, Accounting, and Treasury. Contribute to Internal Audit reporting to the Audit Committee, external auditor, and senior leadership on business process SOX testing coverage, findings, and remediation status. Partner with the IT SOX tester and co‑sourced resources to ensure coordinated testing coverage across the full SOX program. Skills you should HODL 8+ years of experience in internal audit, external audit, or SOX compliance, with significant exposure to business process controls testing. CPA certification required. Experience in crypto, fintech, payments, or digital asset accounting — including revenue recognition for trading, staking, or custody services. Strong knowledge of US GAAP, SOX compliance requirements, COSO framework, and PCAOB auditing standards as they apply to business process controls. Hands‑on experience testing controls across revenue, financial close, treasury, or other core financial reporting processes. Experience operating across multi‑entity structures or multiple jurisdictions. Effective communicator who can translate audit findings and control observations for control owners, senior leadership, and external stakeholders. Nice to haves Familiarity with audit management platforms such as AuditBoard or Workiva. Exposure to global regulatory environments and multi‑entity control structures. Familiarity with AI‑assisted audit tools and willingness to adopt emerging technologies. Unless a specific application deadline is stated in the job posting, applications are accepted on an ongoing basis. Please note, applicants are permitted to redact or remove information on their resume that identifies age, date of birth, or dates of attendance at or graduation from an educational institution. We consider qualified applicants with criminal histories for employment on our team, assessing candidates in a manner consistent with the requirements of the San Francisco Fair Chance Ordinance. As an equal opportunity employer, we don’t tolerate discrimination or harassment of any kind. Whether that’s based on race, ethnicity, age, gender identity, citizenship, religion, sexual orientation, disability, pregnancy, veteran status or any other protected characteristic as outlined by federal, state or local laws. #J-18808-Ljbffr