Internal Audit Lead (IT)

We are seeking an accomplished and highly skilled IT Internal Audit Lead to strengthen our global Internal Audit function. This key role will drive high-impact IT audit execution across Bybit's global technology environment, covering IT governance, information security, applications, infrastructure, data, business continuity and wallet/custody domains. You will coordinate end-to-end audit delivery, including planning, fieldwork, and reporting, ensuring independent, objective, and rigorous assurance across all Group and regional operations.

Reporting to the IT Internal Audit Director, the successful candidate brings deep IT audit expertise, strong execution discipline, and the ability to operate in a fast-paced, high-growth digital asset environment. Experience in cryptocurrency, financial services, blockchain technology, and associated risk domains is highly preferred.

Responsibilities

• Audit Planning & Preparation

• Conduct preliminary research and technology-risk scanning to understand emerging risks, regulatory expectations, and jurisdictional differences impacting Bybit's technology environment.
• Participate in walkthroughs with Technology, Security, Product, Operations and other stakeholders to understand systems, processes, risks, and IT control environments.
• Contribute to the development of the annual risk-based IT Internal Audit Plan aligned with business priorities and global regulatory requirements

• Audit Execution

• Perform end-to-end IT audits across IT governance, information security, applications, infrastructure, data management, business continuity, and wallet/custody operations.
• Execute testing in line with Internal Audit methodology, including process mapping, control design assessment, operating effectiveness testing, application control and system interface testing, configuration/code review, and log analysis.
• Develop well-substantiated audit findings, including clear risk statements, root-cause analysis, and practical remediation recommendations based on observed gaps and regulatory standards.
• Assess Bybit's compliance with relevant technology, cybersecurity, outsourcing, and digital-asset regulatory requirements across multiple jurisdictions

• Reporting & Follow-Up

• Prepare clear, concise, and well-structured IT audit reports for senior management and the Board Audit Committee.
• Present audit results to stakeholders and support effective communication of technology-risk themes and required remediation actions.
• Proactively track issue remediation progress, validate the implementation of corrective actions, and maintain accurate status updates for management reporting.

• Cross-Functional Collaboration

• Support thematic technology reviews, deep-dives, cross-regional audits, and data-driven audit analytics initiatives.
• Build strong working relationships with technology leaders and key stakeholders to provide sound advisory guidance on IT control matters while retaining audit independence.
• Collaborate closely with global IA colleagues as One Team to ensure alignment, coverage consistency, and knowledge sharing across regions and portfolios.

• Regulatory & Industry Awareness

• Stay informed of the latest industry trends, emerging technologies, regulatory developments, and cyber risks in the cryptocurrency and blockchain space to maintain a relevant and forward-looking IT audit plan.
• Support readiness for regulatory reviews, independent assessments, and licensing audits related to technology, cybersecurity, systems governance, outsourcing, and operational resilience.

Requirements

• Qualifications & Experience

• Bachelor's degree in Information Systems, Computer Science, Engineering, or a related field.
• Minimum of 8 years of IT audit experience within financial services, fintech, or cryptocurrency exchange environments.
• Broad exposure to IT governance, information security, cybersecurity, infrastructure, applications, data management, and business continuity.
• Understanding of blockchain ecosystems, cryptocurrency exchange operations, and wallet/custody architecture is an advantage.
• Familiarity with digital-asset regulatory frameworks (e.g., EU, UAE, Trkiye, Kazakhstan) is preferred.

• Technical Skills

• Solid understanding of IT control design, technology risk assessment, and IT audit execution methodologies.
• Ability to produce high-quality workpapers, testing documentation, and well-structured audit issue write-ups.
• Hands-on experience with process mapping, system/interface testing, configuration or code review, and log analysis.
• Experience with audit data analytics tools is a plus.

• Soft Skills

• Strong analytical and problem-solving skills with the ability to identify control gaps and propose practical, risk-based recommendations.
• Effective communication and interpersonal skills to conduct walkthroughs, discuss findings, and engage with technical and business stakeholders.
• Ability to manage multiple audits and operate independently in a fast-paced, globally distributed technology environment.
• Strong stakeholder relationship-building skills, with the ability to collaborate across regions and functional teams.

• Certifications

• Professional certifications such as CISA, CISM, CISSP, or CRISC are preferred.

• Other Requirements

• High degree of integrity, professional skepticism, and attention to detail.
• Experience working across culturally diverse teams and multi-jurisdictional environments is preferred.
• Strong proficiency in English and Mandarin Chinese languages.
• Location: Preferably based in Abu Dhabi or Malaysia.