Senior Auditor - Technology Risk & SOX

Securitize, the leader in tokenizing real-world assets with $3.7B+ AUM (as of May 5, 2025), is
bringing the world on-chain through tokenized funds in partnership with top-tier asset managers,
such as Apollo, BlackRock, Hamilton Lane, KKR, and others. Securitize, through its
subsidiaries, is a SEC-registered broker dealer, digital transfer agent, fund administrator, and
operator of a SEC-regulated Alternative Trading System (ATS).

Securitize is a global, fully remote team consisting of top talent from the blockchain and
financial services industries. Having raised $170M overall to date, we are backed by some of the
largest names in finance and technology, including BlackRock, Morgan Stanley, Blockchain
Capital, MUFG, Sumitomo Mitsui Trust Bank, Sony Finance, Banco Santander, Coinbase,
among others. Securitize has also been recognized as a 2025 Forbes Top 50 Fintech company. 

Before applying, we encourage you to visit us to learn more:

Website | X/Twitter | LinkedIn

 

A Day in the Life:

We are seeking our first Senior Auditor, Technology Risk & SOX to join our newly created Internal Audit team at Securitize. This role is fully remote and will be reporting to the Director, Internal Audit & Controls. This hands-on role requires both technical and functional expertise, focusing on maturing an effective cloud-based IT environment. You’ll lead efforts in internal controls, system implementations, and audits, including SOX compliance, SOC 2 audits, and other IT risk-based audits. 

As the Senior Auditor - Technology Risk & SOX, you will primarily focus on Year 1 Sarbanes-Oxley (SOX) 404(a) audit testing for IT General Controls (ITGC), IT Application Controls (ITAC), Key Reports & Spreadsheets, and SOC1 Report Testing. This is an individual contributor role initially responsible for conducting fieldwork (executing, documenting and interpreting testing), and preparing draft audit findings for reporting to senior management. 

This role is ideal for an experienced professional with strong knowledge of IT risks in SaaS and/or FinTech, looking for a broad range of responsibilities in a dynamic environment with career development opportunities as the company and team grows. 

 

The Impact You’ll Make:

• Assist in SOX compliance for IT and Technology, including planning, scoping, testing, and reporting on key controls.
• Partner with the business process SOX lead on changes to the annual materiality and SOX risk assessment to determine scoping of in-scope financial applications based on material financial accounts, key business segments, and significant entities  
• Conduct risk assessments for technology systems to ensure early identification of risks and integration of controls into business processes.
• Identify, assess, and mitigate technology risks, particularly in cloud infrastructure, system integrations, and software development processes.
• Assist with implementation of Sarbanes-Oxley IT policies, procedures, and work standards in line with SEC requirements and PCAOB guidance.
• Build strong relationships with key stakeholders, including Product & Engineering, IT, InfoSec, Legal, and Accounting, to gain a thorough understanding of their operations and identify risk mitigations and areas for improvement.
• Collaborate with IT control owners, Information Security, Infrastructure Engineering, and other stakeholders to ensure the quality, consistency, and scalability of controls that address operational, technical, and financial risks.
• Update and document initial process narratives and flowcharts related to financial data flows, system integrations and configurations
• Update ITGC risk and control matrix (RACM) for year 1 SOX compliance 
• Partner with business process SOX lead on control optimization and automation initiatives for in-scope financial systems to increase reliance on IT application controls (ITACs), key report and IUC identification and inventory  
• Assist with training on IT SOX requirements with stakeholders educating on remediation of control gaps and process improvements  
• Assist with planning, coordination, and execution of all ITGC test phases of SOX compliance workstreams with stakeholders, external auditor and third-party internal audit co-source  
• Execute on independent ITGC test of design (ToD) and test of operating effectiveness (ToE) results  for Year 1 SOX compliance
• Assist with project management of SOX 404 ITGC compliance program, SOC 2 Type 2 audits, annual IA audit plan and Enterprise Risk Assessment
• Communicate SOX findings and recommendations to senior leadership and control owners, while supporting external auditors in their assessments and addressing any identified deficiencies.
• Stay informed about industry best practices for IT and technology risk management, adapting these strategies to the company’s needs.
• Monitor emerging regulations and industry standards affecting IT controls, adjusting audit plans and strategies accordingly.
• Contribute to the continuous improvement of SOX and risk processes, including training and guiding new team members, consultants, and stakeholders on compliance and risk management best practices.
• Support internal and external audits by providing insights into IT-related SOX risks and assisting with remediation efforts.
• Conduct operational and IT internal audit projects in accordance with the Institute of Internal Auditors (IIA) professional practice standards
• Contribute to ongoing development of the ERM, Fraud Risk Management programs
• Maintain knowledge of generally accepted auditing and accounting standards
• Participate in special projects as assigned by Director, Internal Audit & Controls
  
  

Who You Are:

• Bachelor's Degree in a business or technology discipline.
• 5+ years of experience in SOX compliance, IT risk management, or technology audit roles, with a focus on technology risks and cloud-based environments.
• Proficiency in SOX, IT general controls (ITGCs), IT application controls (ITACs), and internal control frameworks such as COSO, COBIT, and NIST.
• Deep technical knowledge across IT areas including software development, IT infrastructure, cloud technology, network operations, and cybersecurity.
• Technical knowledge in auditing applications and infrastructure systems.
• Experience in public companies and understanding of SEC and PCAOB requirements
• Entrepreneurial attitude and experience with, or the ability to adapt to, a rapidly growing start-up with associated complexities and ambiguities.
• Proven ability to assess and mitigate risks within cloud platforms (AWS) and internally developed IT environments.
• Solid understanding of modern technology stacks, IT processes, and the software development lifecycle (SDLC).
• Strong communication skills, able to explain complex technology risks to both technical and non-technical stakeholders.
• Experience leading SOX projects, managing teams, and coordinating with external auditors.
• Critical thinking and problem-solving skills with the ability to assess IT processes and solve complex problems.
• Excellent interpersonal and organizational skills, with the ability to manage multiple projects and meet deadlines in a fast-paced environment.
• Ability to provide meaningful recommendations to improve policies, procedures, systems, processes; as well as to address root causes of control deficiencies

• Prior experience working with IPE (Information Provided by Entity) and testing the completeness and accuracy of key reports and spreadsheets.
• Prior experience assisting control owners in completing SOC (Service Organization Control) Report reviews for SOC1, including controls mapping and mapping of Complementary End User Computing Controls.
• Experience coordinating SOC audits with external auditors and stakeholders 
• Excellent written English communication skills: clear, concise, professional.
• Proven track record working remotely with a dispersed workforce

 

Added Bonus:

• Experience operating in high growth SaaS and/or technology companies
• Experience in FinTech, banking and/or financial services experience primarily focused on SOX or IT enterprise-wide risk management and ICFR controls consulting
• Experience with a global multi-entity company navigating operational, and regulatory audit requirements for legal entities or operations in different regions or countries. 
• Deep technical knowledge across IT areas including software development, IT infrastructure, cloud technology, network operations, and cybersecurity.
• Familiarity with tools like Google, Jira, Asana, Lucidchart, NetSuite, BambooHR, Salesforce, ADP, Pulley, Teampay, Bill.com.
• Familiarity with Drata GRC Platform or other SOX and Audit solutions 
• Knowledge of DORA and GDPR frameworks 
• CISA, CISSP, CRISC, CISM CPA, or CIA certification.
• Big 4 (Deloitte, EY, KPMG, PwC) Advisory or Assurance background, but not required. 
• Prior experience incorporating data analysis / data analytics (including the use of SQL-based tools) & AI tools and techniques in audit planning, testing, workpaper support and final reports.
• Experience working with/in an out-sourced or co-sourced internal audit function.

Why Join Us?

Become a part of our rapidly expanding organization and enjoy a supportive and rewarding work environment:

• Unlimited Paid Time Off (PTO) – Promoting a healthy work-life balance.
• Equity Grant Opportunities – Share in the success and future growth of the company.
• Remote Work Flexibility – Work from anywhere while staying connected with a dynamic and collaborative team.

Additional Benefits for US employees

• Comprehensive Insurance Coverage – 100% employer-paid Medical, Dental, and Vision benefits for you and your family.
•  401(k) Retirement Plan – Secure your financial future with employer-sponsored savings.