Internal Control Manager

Circle (NYSE: CRCL) is one of the world's leading internet financial platform companies, building the foundation of a more open, global economy through digital assets, payment applications, and programmable blockchain infrastructure. Circle's platform includes the world's largest regulated stablecoin network anchored by USDC, Circle Payments Network for global money movement, and Arc, an enterprise-grade blockchain designed to become the Economic OS for the internet. Enterprises, financial institutions, and developers use Circle to power trusted, internet-scale financial innovation. Learn more at circle.com .
What you'll be part of:
Circle is committed to visibility and stability in everything we do. As we grow as an organization, we're expanding into some of the world's strongest jurisdictions. Speed and efficiency are motivators for our success and our employees live by our company values : High Integrity, Future Forward, Multistakeholder, Mindful, and Driven by Excellence. We have built a flexible work environment where new ideas are encouraged and everyone is a stakeholder.
What you'll be responsible for:
You will join the Enterprise Risk Management (ERM) team, specifically supporting the French entity. As an Internal Control Manager, you will play a pivotal role in the Second Line of Defense (2LoD), ensuring that CIFE operates within its risk appetite and complies with French and European regulations (MiCA, DORA, and the Order of 3 November 2014).
What you'll work on:
Reporting directly to the Internal Controls Risk Director, you will contribute to the design, implementation, and ongoing execution of the permanent control framework for Circle France. You will operate in a hybrid environment, where certain controls are performed locally while others are executed by Circle Group (Circle LLC), requiring strong oversight, effective coordination, and the ability to challenge and influence stakeholders.
1. Operational Execution of Permanent Controls (Local)

• Execute the Annual Internal Control Plan for CIFE, performing testing on 2nd-line controls to assess both design and operating effectiveness.
• Monitor compliance with MiCA requirements, with a particular focus on the Dual Issuer model and the adequacy of EEA reserve holdings.
• Perform controls related to DORA (Digital Operational Resilience Act), including verification of the Register of Information and monitoring ICT incident reporting processes.

2. Oversight of Outsourced Activities (Intra-Group)

• Act as a key challenger for controls outsourced to Circle LLC (e.g., IT, AML/Sanctions, Finance, HR).
• Review Service Level Agreements (SLAs) and Key Performance Indicators (KPIs) provided by the Group to ensure they meet French regulatory standards.
• Partner with global cross-functional stakeholders to map Group-level controls to local risk requirements, ensuring that sufficient evidence and Information Produced by the Entity are consistently maintained and readily retrievable in an audit-ready state.
• Verify that decision-making authority for critical outsourced functions remains with CIFE management and has not been implicitly delegated.

3. Issue Management & Remediation

• Manage the Risk Mitigation Plan (RMP) lifecycle in the GRC tool. Track identified deficiencies from internal controls, external audits (PASSI), or regulatory examination.
• Challenge First Line of Defense (1LoD) teams on root cause analyses and the feasibility of proposed remediation target dates.
• Verify the effective implementation of corrective measures prior to closing issues.

4. Reporting & Governance

• Contribute to the drafting of the Annual Internal Control Report (RACI) and the ICT Risk Management Appendix submitted to the ACPR.
• Prepare dashboards and reporting materials for the Risk & Compliance Committee (RCC) and the Supervisory Committee, highlighting control results, emerging risks, and key areas of concern.
• Assist in maintaining the Risk Register, ensuring that ICT and non-ICT risks are correctly mapped and rated.

What you'll bring to Circle:
Core Requirements

• 7+ years of experience in Internal Control, Risk Management, or Internal Audit within a regulated financial institution (Bank, Payment Institution, or EMI).
• Working knowledge of French internal control expectations (including the Order of 3 November 2014) and the ability to apply them pragmatically.
• Experience executing 2nd-line control testing, including scoping, walkthroughs, sample-based testing, and clear documentation of results and evidence.
• Experience overseeing outsourced or intra-group arrangements.
• Comfort using GRC tooling for risk assessments, risk registers, issue management, and remediation lifecycle tracking and validation.
• Fluent French and English with strong writing skills for governance materials, regulatory-facing documentation, and cross-functional communication.
• Strong communication skills with the ability to "challenge" counterparts in the US/Global teams constructively.

Preferred Requirements

• Direct exposure to MiCA and/or DORA implementation or control programs (outsourcing, ICT risk, Register of Information, incident reporting).
• Experience supporting regulatory examinations and/or external audits (including technology/security assurance engagements such as PASSI).
• Professional certification in IT, cybersecurity, IT governance, or project delivery (e.g., ITIL, COBIT, CISSP, CGEIT, TOGAF, CSM/PMI-ACP, CAPM/PMP) and/or demonstrated experience in roles requiring significant IT expertise.

Circle is on a mission to create an inclusive financial future, with transparency at our core. We consider a wide variety of elements when crafting our compensation ranges and total compensation packages.
Starting pay is determined by various factors, including but not limited to: relevant experience, skill set, qualifications, and other business and organizational needs. Please note that compensation ranges may differ for candidates in other locations.
We are an equal opportunity employer. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status, or any other protected status required by the laws in the locations where we hire. Additionally, Circle participates in the E-Verify Program in certain locations, as required by law.
Should you require accommodations or assistance in our interview process because of a disability, please reach out to [email protected] for support. We respect your privacy and will connect with you separately from our interview process to accommodate your needs.
#LI-Remote