Principal, Technology and Security Internal Auditor
Posted on: January 16, 2022
Empower the Individual Through Crypto
Gemini is a crypto exchange and custodian that allows customers to
buy, sell, store, and earn more than 30 cryptocurrencies like
bitcoin, bitcoin cash, ether, litecoin, and Zcash. Gemini is a New
York trust company that is subject to the capital reserve
requirements, cybersecurity requirements, and banking compliance
standards set forth by the New York State Department of Financial
Services and the New York Banking Law. Gemini was founded in 2014
by twin brothers Cameron and Tyler Winklevoss to empower the
individual through crypto.
Crypto is about giving you greater choice, independence, and
opportunity. We are here to help you on your journey. We build
crypto products that are simple, elegant, and secure. Whether you
are an individual or an institution, we want to help you buy, sell,
and store your bitcoin and cryptocurrency. Crypto is not just a
technology, it's a movement.
At Gemini, our mission is to empower the individual and that
includes giving our employees flexibility of choice - our Office
Optional Policy allows employees to choose to work from one of our
physical locations or from home.
Select roles that are location-specific will still be eligible for
The Department: Internal Audit
Internal Audit at Gemini is dedicated to providing independent
assurance of the design and effectiveness of internal controls
while working with business partners to solve problems and optimize
the control environment for continued growth.
The Role: Principal, Technology and Security Internal Audit
Reporting to the Head of Internal Audit, this individual is
responsible for managing and executing internal audit activities
across Gemini's Technology and Security departments. The role's
primary responsibilities include building and maintaining
relationships with Technology and Security stakeholders (including
C-level personnel), evaluating Gemini's Technology and Security
control environment and compliance with key regulations and
industry technology/security frameworks, managing third-party
internal audit consultants, collaborating with the Risk and
Compliance departments on control testing activities, and
partnering with Technology and Security stakeholders to design
remediation solutions for identified issues. The Principal,
Technology and Security Internal Audit has a unique opportunity to
help us create a modern Internal Audit department in the evolving,
fast-paced digital assets industry.
The Principal, Technology and Security Internal Audit will provide
a critical role in helping Gemini oversee, manage, and monitor
existing and emerging risks, as well as partner with Technology and
Security departments in enhancing controls and improving core
processes. This individual will drive the scope and execution of
internal audits, partner with process owners to develop remediation
plans for issues, validate issue remediation, and promote a
sustainable Internal Audit program. Internal Audit is one of the
few functions that has the opportunity to make an impact on all
lines of business to ensure critical processes are well controlled.
The ideal candidate is a strong critical thinker, adaptive to
evolving regulatory environments and emerging risks, has an open
and creative mindset on how to approach risk within a rapidly
changing environment, and communicates effectively with Technology
and Security leadership.
- Direct, manage, and execute Technology and Security internal
audits, and assist with technology and security risk considerations
across all internal audits, in accordance with professional
standards, company policies, and regulatory requirements. This
includes scope development, control testing, issue identification
and report drafting, as well as oversight of third-party
consultants in the execution of these activities.
- Build relationships with process owners and stakeholders to
provide meaningful improvements, as a result of issues identified
during internal audits or during process development, while
maintaining the independence of the 3rd Line of Defense.
- Develop and recommend remediation plans and mitigating controls
where audit issues are identified and collaborate with management
to ensure audit issues are resolved in a timely manner.
- Evaluate methods to streamline audit approaches and
methodologies, improve control testing activities, and enhance risk
- Assist with Internal Audit reporting to senior leadership, the
Audit Committee of the Board, and regulatory bodies, where
- Participate in the annual Internal Audit risk assessment
process, including the scoring and documentation of risk
- Collaborate with the Risk and Compliance departments on control
testing activities, maintenance of the process, risk, and control
library, and enterprise risk management.
- Monitor key regulations and industry technology/security
frameworks and proactively collaborate with management to develop
controls based on the evolving landscape.
- 8+ years experience in an internal audit, risk management
and/or controls role, ideally at a high-growth technology company.
Experience from financial services, FinTech or Big 4 consulting
firms will also be considered.
- Experience with auditing Technology and Security related
controls in line with standard frameworks (e.g., ISO 27001, NIST,
PCI, COBIT, ITIL, FFIEC).
- Ability to be flexible in a rapidly changing risk and
regulatory landscape and "roll up sleeves" when priorities or
project scopes change.
- Ability to effectively communicate with process owners and
stakeholders up to executive levels related to expectations of
internal audit projects and findings that impact their business
- Strong written communication skills, including drafting issues
and other internal audit documentation for consumption by
Management, Audit Committee, and potential regulators.
- Previous experience in control identification, control
description documentation, and control testing in DevOps and agile
- Basic blockchain or private and public key cryptography
- Proven ability to meet project budget and timeline constraints,
and to identify and escalate issues that may impact project
- Creative mindset that will allow effective challenge on how the
internal audit program and specific internal audit projects are
performed to promote continuous improvement.
- Strong organizational skills and proven ability to effectively
manage and prioritize time amongst various activities.
- Bachelor's degree in Information Systems, Software Engineering,
Accounting, Finance, Risk Management or related field, or
commensurate work experience.
- Experience with implementing automation or other means of
gaining efficiencies during audits and determining useful metrics
for continuous monitoring of controls under audit is preferred.
It Pays to Work Here
We take a holistic approach to compensation at Gemini, which
- Competitive Compensation and Profit-Sharing Equity
- Flexible vacation policy
- Retirement Plan Matching
- Generous Parental leave
- Comprehensive health plans
- Training and professional development
At Gemini, we strive to build diverse teams that reflect the people
we want to empower through our products, and we are committed to
equal employment opportunity regardless of race, color, ancestry,
religion, sex, national origin, sexual orientation, age,
citizenship, marital status, disability, gender identity, or
Veteran status. Equal Opportunity is the Law, and Gemini is proud
to be an equal opportunity workplace and affirmative action
employer. If you have a specific need that requires accommodation,
please let a member of the People Team know.
Keywords: Gemini, Chicago , Principal, Technology and Security Internal Auditor, Accounting, Auditing , Chicago, Illinois
Didn't find what you're looking for? Search again!