Sr. Risk & SOX Controls Manager
Kraken
Building the Future of Crypto
Our Krakenites are a world-class team with crypto conviction, united by our desire to discover and unlock the potential of crypto and blockchain technology.
What makes us different?
Kraken is a mission-focused company rooted in crypto values. As a Krakenite, you’ll join us on our mission to accelerate the global adoption of crypto, so that everyone can achieve financial freedom and inclusion. For over a decade, Kraken’s focus on our mission and crypto ethos has attracted many of the most talented crypto experts in the world.
Before you apply, please read the Kraken Culture page to learn more about our internal culture, values, and mission. We also expect candidates to familiarize themselves with the Kraken app. Learn how to create a Kraken account here.
As a fully remote company, we have Krakenites in 70+ countries who speak over 50 languages. Krakenites are industry pioneers who develop premium crypto products for experienced traders, institutions, and newcomers to the space. Kraken is committed to industry-leading security, crypto education, and world-class client support through our products like Kraken Pro, Desktop, Wallet, and Kraken Futures.
Become a Krakenite and build the future of crypto!
Proof of work
The team
We are looking for a Senior Manager to join our Enterprise Risk Management (ERM) team, focusing on both risk management and SOX compliance at Kraken. This role will lead the development and execution of risk and control frameworks, ensuring alignment with enterprise-wide initiatives and compliance with SOX requirements. The successful candidate will be responsible for strengthening global operations, enhancing risk oversight, and fostering a risk-aware culture across the organization.
You will work closely with key stakeholders across the organization—including Finance, Legal, Product, and Compliance—to strengthen Kraken’s overall risk management program and drive efficiencies in the control environment.
The opportunity
Scope, design, and implement SOX controls, ensuring compliance through risk assessments, controls mapping, and documentation.
Coordinate annual SOX audits, manage evidence collection, testing, and remediation efforts, and collaborate with internal teams and external auditors.
Conduct gap analyses, track control effectiveness, and drive automation to enhance SOX compliance efficiency.
Deliver SOX training, prepare compliance reports, and support ad hoc reporting and special projects.
Align with the global ERM team to integrate enterprise-wide risk strategies, leverage GRC systems, and enhance oversight through risk appetite statements and reporting.
Develop and implement KRIs, RCSAs, and tactical risk assessments, drive automation initiatives, and improve operational efficiency and scalability.
Lead risk evaluations for major projects, new product launches, and regulatory changes, while supporting emerging risk monitoring and enterprise-wide initiatives.
Skills you should HODL
10+ years of experience in a risk management, internal audit, or SOX compliance role, with 2+ years in a management/leadership capacity.
Bachelor's degree in a relevant field (e.g., Risk Management, Business, Finance, Accounting); CPA preferred.
Expertise in ERM frameworks (e.g., COSO) and risk management best practices, including risk appetite, KRIs, and RCSAs.
Strong knowledge of SOX 404 requirements, ICFR, SOC reports, and the documentation/testing needed to support compliance.
Demonstrated ability to integrate risk management practices into business processes and drive a risk-aware culture.
Proven project management skills, with the ability to multitask, prioritize, and deliver high-quality results in a fast-paced, ambiguous environment.
Exceptional communication and interpersonal skills, with a track record of collaborating across departments and influencing stakeholders.
Experience with GRC systems.
Knowledge of cryptocurrency markets and related technical products.
Previous experience working with complex, cross-regional risk frameworks.
This job is accepting ongoing applications and there is no application deadline.
Please note, applicants are permitted to redact or remove information on their resume that identifies age, date of birth, or dates of attendance at or graduation from an educational institution.
We consider qualified applicants with criminal histories for employment on our team, assessing candidates in a manner consistent with the requirements of the San Francisco Fair Chance Ordinance.
Kraken is powered by people from around the world and we celebrate all Krakenites for their diverse talents, backgrounds, contributions and unique perspectives. We hire strictly based on merit, meaning we seek out the candidates with the right abilities, knowledge, and skills considered the most suitable for the job. We encourage you to apply for roles where you don't fully meet the listed requirements, especially if you're passionate or knowledgeable about crypto!
As an equal opportunity employer, we don’t tolerate discrimination or harassment of any kind, whether that’s based on race, ethnicity, age, gender identity, citizenship, religion, sexual orientation, disability, pregnancy, veteran status or any other protected characteristic as outlined by federal, state or local laws.