About Us

Established in March 2018, Bybit is one of the fastest growing cryptocurrency derivatives exchanges, with more than 70 million registered users. We offer a professional platform where crypto traders can find an ultra-fast matching engine, excellent customer service and multilingual community support. We provide innovative online spot and derivatives trading services, mining and staking products, as well as API support, to retail and institutional clients around the world, and strive to be the most reliable exchange for the emerging digital asset class.

Our core values define us. We listen, care, and improve to create a faster, fairer, and more humane trading environment for our users. Our innovative, highly advanced, user-friendly platform has been designed from the ground-up using best-in-class infrastructure to provide our users with the industry's safest, fastest, fairest, and most transparent trading experience. Built on customer-centric values, we endeavour to provide a professional, 24/7 multi-language customer support to help in a timely manner.

As of today, Bybit is one of the most trusted, reliable, and transparent cryptocurrency derivatives platforms in the space.

We are seeking an accomplished and highly skilled IT Internal Audit Lead to strengthen our global Internal Audit function. This key role will drive high-impact IT audit execution across Bybit’s global technology environment, covering IT governance, information security, applications, infrastructure, data, business continuity and wallet/custody domains. You will coordinate end-to-end audit delivery, including planning, fieldwork, and reporting, ensuring independent, objective, and rigorous assurance across all Group and regional operations.

Reporting to the IT Internal Audit Director, the successful candidate brings deep IT audit expertise, strong execution discipline, and the ability to operate in a fast-paced, high-growth digital asset environment. Experience in cryptocurrency, financial services, blockchain technology, and associated risk domains is highly preferred.

Responsibilities

• Audit Planning & Preparation
• Conduct preliminary research and technology-risk scanning to understand emerging risks, regulatory expectations, and jurisdictional differences impacting Bybit’s technology environment.
• Participate in walkthroughs with Technology, Security, Product, Operations and other stakeholders to understand systems, processes, risks, and IT control environments.
• Contribute to the development of the annual risk-based IT Internal Audit Plan aligned with business priorities and global regulatory requirements
• Audit Execution
• Perform end-to-end IT audits across IT governance, information security, applications, infrastructure, data management, business continuity, and wallet/custody operations.
• Execute testing in line with Internal Audit methodology, including process mapping, control design assessment, operating effectiveness testing, application control and system interface testing, configuration/code review, and log analysis.
• Develop well-substantiated audit findings, including clear risk statements, root-cause analysis, and practical remediation recommendations based on observed gaps and regulatory standards.
• Assess Bybit’s compliance with relevant technology, cybersecurity, outsourcing, and digital-asset regulatory requirements across multiple jurisdictions
• Reporting & Follow-Up
• Prepare clear, concise, and well-structured IT audit reports for senior management and the Board Audit Committee.
• Present audit results to stakeholders and support effective communication of technology-risk themes and required remediation actions.
• Proactively track issue remediation progress, validate the implementation of corrective actions, and maintain accurate status updates for management reporting.
• Cross-Functional Collaboration
• Support thematic technology reviews, deep-dives, cross-regional audits, and data-driven audit analytics initiatives.
• Build strong working relationships with technology leaders and key stakeholders to provide sound advisory guidance on IT control matters while retaining audit independence.
• Collaborate closely with global IA colleagues as “One Team” to ensure alignment, coverage consistency, and knowledge sharing across regions and portfolios.
• Regulatory & Industry Awareness
• Stay informed of the latest industry trends, emerging technologies, regulatory developments, and cyber risks in the cryptocurrency and blockchain space to maintain a relevant and forward-looking IT audit plan.
• Support readiness for regulatory reviews, independent assessments, and licensing audits related to technology, cybersecurity, systems governance, outsourcing, and operational resilience.

Requirements

• Qualifications & Experience
• Bachelor’s degree in Information Systems, Computer Science, Engineering, or a related field.
• Minimum of 8 years of IT audit experience within financial services, fintech, or cryptocurrency exchange environments.
• Broad exposure to IT governance, information security, cybersecurity, infrastructure, applications, data management, and business continuity.
• Understanding of blockchain ecosystems, cryptocurrency exchange operations, and wallet/custody architecture is an advantage.
• Familiarity with digital-asset regulatory frameworks (e.g., EU, UAE, Türkiye, Kazakhstan) is preferred.
• Technical Skills
• Solid understanding of IT control design, technology risk assessment, and IT audit execution methodologies.
• Ability to produce high-quality workpapers, testing documentation, and well-structured audit issue write-ups.
• Hands-on experience with process mapping, system/interface testing, configuration or code review, and log analysis.
• Experience with audit data analytics tools is a plus.
• Soft Skills
• Strong analytical and problem-solving skills with the ability to identify control gaps and propose practical, risk-based recommendations.
• Effective communication and interpersonal skills to conduct walkthroughs, discuss findings, and engage with technical and business stakeholders.
• Ability to manage multiple audits and operate independently in a fast-paced, globally distributed technology environment.
• Strong stakeholder relationship-building skills, with the ability to collaborate across regions and functional teams.
• Certifications
• Professional certifications such as CISA, CISM, CISSP, or CRISC are preferred.
• Other Requirements
• High degree of integrity, professional skepticism, and attention to detail.
• Experience working across culturally diverse teams and multi-jurisdictional environments is preferred.
• Strong proficiency in English and Mandarin Chinese languages.
• Location: Preferably based in Abu Dhabi or Malaysia.