Experience in IT risk and security audits., Proven success in risk assessments and control monitoring., Knowledge of GRC management tools like ServiceNow., CISA certification or equivalent is required..
Key responsibilities:
Conduct IT risk, gap, and readiness assessments.
Implement and monitor controls to ensure compliance.
Work on cross-functional projects related to IT compliance.
Collaborate with control owners and external auditors.
Report this Job
Help us maintain the quality of our job listings. If you find any issues
with this job post, please let us know. Select the reason you're reporting
this job:
Anchorage Digital makes it simple and secure for institutions to build products and gain exposure to digital assets as the first federally chartered digital asset bank. With secure custody at its core, Anchorage is the premier partner for institutions and corporations. Anchorage offers financial solutions for today and tomorrow. Learn more at anchorage.com.
Anchorage Digital was founded in 2017 to advance institutional participation in digital assets. Anchorage began as the leader in digital asset custody, solving private key security, and expanded its offerings to make every form of institutional participation as seamless as possible through Lending, Trading, Financing, Staking, and Governance, all integrated with secure, regulated custody. Today, Anchorage brings the best of modern security engineering to institutional custody and banking.
Anchorage Digital Bank received the first federal banking charter for a digital bank and converted from its South Dakota trust charter in January 2021.
Anchorage Digital raised $350 million in a December 2021 Series D funding round that valued Anchorage at over $3 billion. Led by global investment firm KKR, other participants included Goldman Sachs, Andreessen Horowitz, Apollo credit funds, funds and accounts managed by BlackRock, Blockchain Capital, GIC, Lux Capital, PayPal Ventures, Thoma Bravo and Wellington Management. Its advisors include Stanley Druckenmiller, Kevin Warsh, Max Levchin, and Elad Gil.
At Anchorage Digital, we are building the world’s most advanced digital asset platform for institutions to participate in crypto.
Anchorage Digital is a crypto platform that enables institutions to participate in digital assets through custody, staking, trading, governance, settlement, and the industrys leading security infrastructure. Home to Anchorage Digital Bank N.A., the only federally chartered crypto bank in the U.S., Anchorage Digital also serves institutions through Anchorage Digital Singapore, Porto by Anchorage Digital, and other offerings.
The company is funded by leading institutions including Andreessen Horowitz, GIC, Goldman Sachs, KKR, and Visa, with its Series D valuation over $3 billion. Founded in 2017 in San Francisco, California, Anchorage Digital has offices in New York, New York; Porto, Portugal; Singapore; and Sioux Falls, South Dakota. Learn more at anchorage.com, on X @Anchorage, and on LinkedIn.
As a Member of Compliance, Information Technology, you’ll get the opportunity to work on various projects across the organization ranging from IT risk, gap, and readiness assessments to controls implementation and monitoring. This role is highly crossfunctional and will cover multiple service offerings and entities (Anchor Labs, Inc., Anchorage Digital Bank, Anchorage Digital Singapore, Anchorage Digital New York, etc.).
We have created the Factors of Growth & Impact to help Villagers better measure impact and articulate coaching, feedback, and the rich and rewarding learning that happens while exploring, developing, and mastering the capabilities and contributions within and outside of the Member of Compliance, Information Technology role:
Technical Skills:
Have a complete conceptual knowledge and full understanding of principles, practices, and a working knowledge of Governance, Risk, and Compliance (GRC), the full lifecycle of audit methodology, IT RiskControls, SOC, information security, policy governance, and management.
Have an understanding of IT, engineering processes and tools, and cloud computing.
Apply experience and analytical skills to “connect the dots” between the company’s business and products to the IT environment in order to evaluate whether compliance obligations are being met.
Resolve a wide range of issues in creative ways, working directly with control owners to ensure regulatory requirements are being met, including managing and tracking findings (from risk assessments, audits, etc.) from identification to remediation.
Have experience with GRC management tools (e.g., ServiceNow).
Complexity and Impact of Work:
Participate in completing detailed testing of IT processes and controls, including developing test objectives, determination of key risks, using the department methodologies under the direction of the IT Risk Lead.
Assisting in scoping the reviews, identifying risks in the process, determining expected controls, creating project timelines, conducting process understanding meetings, creating test scripts, performing and documenting testing, developing recommendations, and drafting succinct reports. Assisting with the validation of remediation activities.
Can produce detailed working papers to document the testing of the IT control in accordance with department and audit standards.
Can work autonomously, define priorities under broad direction, and apply problemsolving skills to translate regulations and compliance obligations into technical controls, and vice versa.
Drives work independently and significantly contributes to mediumtolarge crossfunctional projects with little oversight and coordinating activities of other project team members.
Identify process and control gaps and enhancements, and be capable of evaluating remediation plans.
Contributes to ad hoc internal and external assessments that support the company’s ongoing and future initiatives.
Consistently demonstrates ontime delivery and highquality work products. Where a deadline or commitment is at risk, escalate to the manager to help manage priorities, if appropriate, and alert affected stakeholders, so there are “no surprises”.
Organizational Knowledge:
Awareness of the strategy of Anchorage is considered when not only working crossfunctionally with security, product, design, engineering, legal, TPRM, people, and external auditors but also understanding how each area is impacted by compliance.
Influences the IT Compliance roadmap and initiatives.
Understand how the company’s priorities relate to their own area of work and clearly communicate the ‘why’ behind the work.
Communication and Influence:
Promote a positive working environment through proper listening, speaking, and empathy with team members.
Embody and is a role model for our cultural pillars.
Communicates proactively, takes ownership of assigned workprojects, and is comfortable asking questions when something is unclear or to further knowledge in a specific area.
Contribute to crossfunctional projects, collaborate with their team and adjacent teams working directly with subjectmatter experts, and doing meaningful translation of compliance requirements into actionable processes.
Enhance relationships and networks with senior internal and external stakeholders within their own area of expertise.
Consistently express clear, thoughtful, analytical, and solutionsoriented communications, whether in highimpact slidesdecks, written communications in Slack or email, or verbal communications.
You may be a fit for this role if you have:
Experience in IT risk and security audits.
Experience in supportingmanaging the complete audit life cycle.
Proven success performing various risk assessments (e.g., enterprise risk, information security).
Demonstrated success in automating control monitoring techniques.
Experience creating and managing policies and procedures.
Experience in creating detailed work papers to sufficiently support the testing engagement.
Knowledge of public cloud infrastructure (AWSGCPAzure).
Passion for digging into the weeds, problemsolving, and building programs from the ground up.
Proven track record of effective crossfunctional project management and organizational skills.
CISA certification or equivalent is required.
Although not a requirement, bonus points if:
Security certifications such as CISSP, CCSP.
Experience in managing GRC processes in tools such as ServiceNow.
Understanding of crypto staking andor governance.
Had interactions with regulatory authorities and auditors.
A technicalengineering background or mindset.
Fintech or financial services industry experience.
You were emotionally moved by the soundtrack to Hamilton, which chronicles the founding of a new financial system. :)
About Anchorage Digital: Who we are
The Anchorage Village, what we call our team, brings together the brightest minds from platform security, financial services, and distributed ledger technology to provide the building blocks that empower institutions to safely participate in the evolving digital asset ecosystem. As a diverse team of more than 300 members, we are united in one common goal: building the future of finance by providing the foundation upon which value moves safely in the new global economy.
Anchorage Digital is committed to being a welcoming and inclusive workplace for everyone, and we are intentional about making sure people feel respected, supported, and connected at work—regardless of who you are or where you come from. We value and celebrate our differences and we believe being open about who we are allows us to do the best work of our lives.
Anchorage Digital is an Equal Opportunity Employer. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or veteran status. Anchorage Digital considers qualified applicants regardless of criminal histories, consistent with other legal requirements. “Anchorage Digital” refers to services that are offered either through Anchorage Digital Bank National Association, an OCCchartered national trust bank, or Anchorage Lending CA, LLC a finance lender licensed by the California Department of Financial Protection and Innovation, License No. 60DBO11976, or Anchorage Digital Singapore Pte Ltd, a Singapore private limited company, all whollyowned subsidiaries of Anchor Labs, Inc., a Delaware corporation.
Protecting your privacy rights is important to Anchorage Digital, and we work to maintain the trust and confidence of our clients when handling personal or financial information. Please see our privacy policy notices here.
Required profile
Experience
Industry :
Financial Services
Spoken language(s):
English
Check out the description to know which languages are mandatory.