Member of Compliance & Risk, Testing and Monitoring

Anchorage Digital is a crypto platform that enables institutions to participate in digital assets through custody, staking, trading, governance, settlement, and the industry's leading security infrastructure. Home to Anchorage Digital Bank N.A., the first federally chartered crypto bank in the U.S., Anchorage Digital also serves institutions through Anchorage Digital Singapore, Porto by Anchorage Digital, and other offerings.

The company is funded by leading institutions including Andreessen Horowitz, GIC, Goldman Sachs, KKR, and Visa, with its Series D valuation over $3 billion. Founded in 2017 in San Francisco, California, Anchorage Digital has offices in New York, New York; Porto, Portugal; Singapore; and Sioux Falls, South Dakota. Learn more at anchorage.com, on X @Anchorage, and on LinkedIn. 

• As a member of the TMG team, the individual will work on next generation testing practices in the first OCC chartered digital asset bank. This role will assist in enhancing the Bank's Fiduciary and Regulatory Compliance Program through identification of emerging risks and control gaps while scaling foundational IT risk management initiatives ranging from GRC Management, information security controls testing and risk assessment support. This highly cross-functional role covers multiple service offerings and global entities, offering a unique opportunity to manage various projects ranging from Bank’s regulatory obligations to Information Security risk assessments.

The successful candidate will be:

1. Performing testing activities from end-to-end as a lead to assess design and effectiveness of various compliance and controls to identify potential control gaps for remediation, acting as subject matter expert in both IT and regulatory risk.
2. Partnering with Operations, Compliance, Information Security, Engineering, Product, and Legal teams to translate complex regulatory requirements into actionable technical processes.
3. Collaborating with risk owners to provide "credible challenge" to remediation plans and track findings from identification through to validation using GRC tools (Audit Board).
4. Supporting information security risk assessments as needed.