Risk & Internal Controls Manager

About The Position

Requirements

• 4–6 years of experience in internal audit, enterprise risk management, SOX, or internal controls within a regulated financial services or fintech environment.
• Demonstrated working knowledge of COSO Internal Control and ERM frameworks; familiarity with FFIEC, SOC reporting, and audit standards.
• Experience supporting SOC 1 / SOC 2, financial statement audits, and regulatory examinations, including direct interaction with external auditors.
• Strong ability to design and execute risk-based testing plans, document results, and communicate issues clearly to senior management.
• Proven stakeholder management skills, with the ability to coordinate across Compliance, Finance, Product, Engineering, and Operations.
• Bachelor’s degree required; professional certifications such as CIA, CISA, CPA, or CRISC preferred.

Responsibilities

• Maintain and enhance the enterprise risk management (ERM) methodology, risk scoring model, and Board-level risk dashboards.
• Build, execute, and document a risk-based annual testing plan covering operational, financial, technology, and governance risks (excluding BSA/AML and Consumer Compliance).
• Coordinate SOC 1 / SOC 2 and financial audit activities, including preparation of PBCs, control narratives, walkthroughs, and auditor responses.
• Maintain the enterprise issues log; validate remediation plans, track corrective actions, and report issue status and trends to senior management and the Board on a quarterly basis.
• Align testing scope, timing, and evidence reuse with independent AML and Consumer Compliance testing to reduce duplication and operational burden.
• Develop and report KRIs, KPIs, and emerging risk trends for Board Risk and Audit Committees.
• Maintain internal audit manuals, testing procedures, sampling methodologies, and standardized templates to ensure consistency and audit defensibility.

Benefits

• Medical, dental, and vision insurances
• unlimited paid time off
• 401k plan w/company match