Audit and Exam Program Manager

About Paxos

Today’s financial infrastructure is archaic, expensive, inefficient and risky — supporting a system that leaves out more people than it lets in. So we’re rebuilding it. We’re on a mission to open the world’s financial system to everyone by enabling the instant movement of any asset, any time, in a trustworthy way. For over a decade, we’ve built blockchain infrastructure that tokenizes, custodies, trades and settles assets for the world’s leading financial institutions, like PayPal, Venmo, Mastercard and Interactive Brokers.

About the team

The Audit & Exams function supports Paxos’ independent third line of defense, overseeing the outsourced Internal Audit program and coordinating audit and exam activities across regulators and key stakeholders. We operate at the intersection of crypto, banking and prudential regulation as one of the first federally regulated trust banks under OCC supervision focused on digital assets. That means expectations are evolving, the playbook is still being written, and our work directly shapes how this new category is supervised.

The team partners closely with Risk, Compliance, Legal, Finance, Product and Operations to ensure Paxos is audit‑ready, aligned with regulatory expectations, and operating with a strong, sustainable control environment — even when the problems are ambiguous and the answers are not yet obvious.

About the role

We are looking for an Audit & Exam Program Manager who is not only excellent at running audits and exams, but also excited to build and evolve the way they are done at Paxos.

Reporting to the Director of Audit & Exams, you will help design and manage a scalable, risk‑based audit and exam program for multi-jurisdictional regulated company operating on the frontier of financial market infrastructure for digital assets. You’ll take high‑level regulatory expectations and translate them into practical plans, playbooks, and routines that work for a fast‑moving, product‑driven company.

This role is a fit for someone who:

• Enjoys turning ambiguity into structure — building processes where there were none, and improving them every cycle.

• Is comfortable engaging directly with auditors and regulators while also rolling up their sleeves to fix gaps, re‑design workflows, and implement better ways of working.

• Wants to help define what “good” looks like for audits and exams in the digital asset banking space, not just follow an existing template.

What you’ll do

• Build and evolve the audit & exam framework by co-designing and maintaining a multi-year audit and exam strategy, along with the playbooks, templates, and tools that govern how Paxos plans, executes, and closes every engagement.

• Translate ambiguous or first-time regulatory expectations into clear, executable workstreams with defined ownership, timelines, and success criteria, ensuring responses meet OCC and internal standards.

• Lead day-to-day management of audits and exams, including end-to-end delivery of internal audits and regulatory exams, maintaining a real-time portfolio view of all engagements, and proactively surfacing dependencies and resourcing needs.

• Drive high-quality execution and remediation by enforcing high evidence and documentation standards, tracking issues and action plans, and ensuring durable remediations are implemented in daily operations.

• Shape narratives and communicate impact by synthesizing engagement results into concise, executive-ready updates and using insights to strengthen the risk and control framework and influence key business decisions.

• Continuously improve how we work by running post-engagement retrospectives, converting learnings into process, tooling, and training changes, and fostering a culture of continuous audit and exam readiness.

About you

• 5+ years of experience in internal audit, risk, compliance, or regulatory assurance within financial services or a similarly regulated environment, including meaningful exposure to working with regulators (e.g., OCC, Fed) and familiarity with audit and control frameworks (e.g., SOC 1/SOC 2) and the three-lines-of-defense model.

• Possesses a "builder mindset" to innovate and significantly upgrade processes, tools, or programs within a regulated environment, balancing creativity with strict regulatory discipline.

• Comfort with ambiguity, thriving in evolving environments where expectations and the "right answer" may not be fully defined.

• Program and stakeholder management: Exceptional program management skills to juggle multiple engagements, keep cross-functional teams aligned, and consistently hit deadlines.

• You are within commuting distance to our office in Manhattan.