TaxBit is helping to drive mainstream adoption of digital assets by connecting the consumer, enterprise, and government tax and accounting ecosystems.
Our Software-as-a-Service platform streamlines our customers’ reporting experience across traditional and digital asset classes. We are trusted in this work by thousands of consumers, leading exchanges and enterprises, government agencies (including the IRS), respected accounting firms, and others to solve complex accounting problems at scale and ensure compliance with the latest tax laws. TaxBit investors include Paradigm, Tiger Global, PayPal Ventures, Winklevoss Capital, Coinbase Ventures, and other leading crypto investors. Our team is located in Salt Lake City, UT and Seattle, WA.
If you’re searching for a company that’s dedicated to your growth, recognizes your unique contribution, and provides a fun, flexible and inclusive work environment, then TaxBit is the place for you. We’re looking for team members who are ready to join a hyper-growth company and are excited to work at the forefront of an entirely new industry.
The Risk and Compliance Analyst is an integral part of the growing Security organization of TaxBit, Inc. This role will identify the need for, design, and test TaxBit security controls. The role will work with cross-functional teams to establish technology controls as we adhere to a security compliance framework. The role will serve as the auditing function of TaxBit, monitor and evaluate TaxBit’s high-risk vendors, and establish controls and processes related to our annual SOC 2 and ISO compliance.
What You’ll Do
- Assist the Director of Security and Risk and Compliance Program Manager in the design and testing of technology controls
- Work with cross-functional teams and stakeholders to mitigate or reduce identified risks
- Author and improve team procedures and processes regarding security compliance
- Demonstrate TaxBit’s security capabilities by responding to security questionnaires
- Evaluate third parties for potential security risks related to the services they provide
- Identify, evaluate, and manage security risks through a risk management program
- Continually improve upon the GRC tool capabilities
- Conduct team member training on security and risk topics
- Under direction from the Director of Security, actively engage with team members and audit firms to ensure adherence to compliance frameworks (ISO 27001, SOC 2)
What You’ll Need
- Bachelor's Degree in Business, Accounting, or a technical field (Computer Science, Mathematics, Engineering)
- Overall 3-4 years of experience in GRC and/or other security roles
- Understanding of security standards and frameworks such as ISO 27001, SOC 2, NIST 800-53, NIST CSF
- Knowledge of security best practices and defense-in-depth strategies
- Experience in IT governance and controls
- Working knowledge of privacy regulations (GDPR, CCPA)
- Experience conducting risk assessments and monitoring a risk register
Nice to Have
- Graduate Degree in Business, Accounting, or a technical field (Computer Science, Mathematics, Engineering)
- Experience with FedRAMP
- Previous experience in FinTech, Big 4, Accounting or other financial experience
Why you want to work here
- Competitive cash compensation
- Stock options
- Health, Dental, Vision, and Life Insurance
- Hybrid working model: 3 days in-office, 2 days WFH/flexible
- Friday team lunches
- Autonomous work and flexibility in how work is performed