Coinbase
Senior Analyst, Tech Risk and Controls
Coinbase, Sacramento, California, United States, 95828
Overview
Ready to be pushed beyond what you think you’re capable of? Coinbase’s mission is to increase economic freedom in the world. We’re building the emerging onchain platform and the future global financial system. We’re seeking a candidate who is passionate about our mission, believes in crypto and blockchain technology, and is eager to leave their mark by solving the company’s hardest problems. Our work culture is intense and not for everyone. If you want to build the future alongside others who excel, there’s no better place to be. In-person participation is required throughout the year for Coinbase roles that are not remote-only, with team and company-wide offsites multiple times annually to foster collaboration, connection, and alignment. Coinbase is looking for a creative and analytical Senior Analyst of Technology Risk & Controls. You will support the implementation and maturity of our technology and security controls lifecycle program, maturing our continuous controls monitoring program and ensuring the effectiveness and efficiency of technology and security controls. The ideal candidate will have a strong controls background with robust technical skills in data analysis and a preference for low-code/no-code platform automation. What you’ll be doing (job duties)
Continuous Controls Monitoring (CCM) Program Maturity: Lead initiatives to mature the CCM program, identify automation opportunities, improve data quality, and expand monitoring coverage. Controls Design and Implementation: Design, implement, and optimize technology controls across systems and platforms in collaboration with technology teams. Data Analysis and Reporting: Use data analysis tools to monitor control effectiveness, identify anomalies, and generate actionable insights and reports for stakeholders. Automation Development: Develop and implement automated solutions using low-code/no-code platforms to streamline control testing, monitoring, and reporting. Risk Assessment and Mitigation: Participate in risk assessments, identify control deficiencies, and recommend mitigation strategies. Stakeholder Collaboration: Partner with internal audit, compliance, IT operations, and other teams to align and execute control objectives. Documentation and Training: Create and maintain documentation for controls and processes, and train internal teams on control practices and monitoring. Maintain an Industry Pulse: Stay aware of international regulation, emerging threats, policies, and benchmarks. What we look for in you (requirements)
6+ years of experience in 1st or 2nd Line of Defense controls management or Governance, Risk, and Compliance. Control domain knowledge and best practices: familiarity with ISO 27001/5, NIST CSF, COBIT, ITIL, DORA, and risk quantification methodologies to measure and monitor controls/risks and evidence remediation. Ability to analyze our technology and security stack to understand controls and propose automation candidates. Technical data analysis skills: proficiency in SQL, Python, R, Excel, Looker, Snowflake, and related techniques for handling large datasets. Experience with project management tools (e.g., Jira, Archer) and data analytics tooling. Clear and concise written and verbal communication; ability to draft and operationalize project plans, hold teams accountable, and document deliverables for varied audiences. Regulatory familiarity: working knowledge of major US/international regulatory frameworks affecting technology organizations. Ability to navigate ambiguity and manage multiple assessments with strategic priorities. Commitment to continuous learning and the Coinbase learning culture. Excellent organization and project management skills in a fast-moving environment. Nice to have
Low-Code/No-Code Platform Experience: Experience with platforms like Workato, UiPath, Appian to build efficient solutions. Background in FinTech, TradFi, consulting, or related technical program management; customer-facing roles are valued. Knowledge of risk and control issues in evolving tech areas (crypto, cloud, data lakes, ML). Certifications such as CISA, CISSP, CISM are a plus. Coding knowledge is a plus but not required (e.g., building data joins, integrations with GRC and data visualization tools). Job #: P69475 #LI-Remote EEO and privacy
Pay Transparency Notice and range: $167,280—$196,800 USD. Full-time offers include target bonus, target equity, and benefits. Coinbase is an Equal Opportunity Employer; all qualified applicants will be considered without regard to race, color, religion, gender, national origin, age, disability, veteran status, sex, gender identity or expression, or other legally protected characteristics. Coinbase may consider applicants with criminal histories as required by law. References to employee rights, E-Verify, and data privacy notices are provided in the original posting as applicable. For accessibility accommodations, contact accommodations@coinbase.com.
#J-18808-Ljbffr
Ready to be pushed beyond what you think you’re capable of? Coinbase’s mission is to increase economic freedom in the world. We’re building the emerging onchain platform and the future global financial system. We’re seeking a candidate who is passionate about our mission, believes in crypto and blockchain technology, and is eager to leave their mark by solving the company’s hardest problems. Our work culture is intense and not for everyone. If you want to build the future alongside others who excel, there’s no better place to be. In-person participation is required throughout the year for Coinbase roles that are not remote-only, with team and company-wide offsites multiple times annually to foster collaboration, connection, and alignment. Coinbase is looking for a creative and analytical Senior Analyst of Technology Risk & Controls. You will support the implementation and maturity of our technology and security controls lifecycle program, maturing our continuous controls monitoring program and ensuring the effectiveness and efficiency of technology and security controls. The ideal candidate will have a strong controls background with robust technical skills in data analysis and a preference for low-code/no-code platform automation. What you’ll be doing (job duties)
Continuous Controls Monitoring (CCM) Program Maturity: Lead initiatives to mature the CCM program, identify automation opportunities, improve data quality, and expand monitoring coverage. Controls Design and Implementation: Design, implement, and optimize technology controls across systems and platforms in collaboration with technology teams. Data Analysis and Reporting: Use data analysis tools to monitor control effectiveness, identify anomalies, and generate actionable insights and reports for stakeholders. Automation Development: Develop and implement automated solutions using low-code/no-code platforms to streamline control testing, monitoring, and reporting. Risk Assessment and Mitigation: Participate in risk assessments, identify control deficiencies, and recommend mitigation strategies. Stakeholder Collaboration: Partner with internal audit, compliance, IT operations, and other teams to align and execute control objectives. Documentation and Training: Create and maintain documentation for controls and processes, and train internal teams on control practices and monitoring. Maintain an Industry Pulse: Stay aware of international regulation, emerging threats, policies, and benchmarks. What we look for in you (requirements)
6+ years of experience in 1st or 2nd Line of Defense controls management or Governance, Risk, and Compliance. Control domain knowledge and best practices: familiarity with ISO 27001/5, NIST CSF, COBIT, ITIL, DORA, and risk quantification methodologies to measure and monitor controls/risks and evidence remediation. Ability to analyze our technology and security stack to understand controls and propose automation candidates. Technical data analysis skills: proficiency in SQL, Python, R, Excel, Looker, Snowflake, and related techniques for handling large datasets. Experience with project management tools (e.g., Jira, Archer) and data analytics tooling. Clear and concise written and verbal communication; ability to draft and operationalize project plans, hold teams accountable, and document deliverables for varied audiences. Regulatory familiarity: working knowledge of major US/international regulatory frameworks affecting technology organizations. Ability to navigate ambiguity and manage multiple assessments with strategic priorities. Commitment to continuous learning and the Coinbase learning culture. Excellent organization and project management skills in a fast-moving environment. Nice to have
Low-Code/No-Code Platform Experience: Experience with platforms like Workato, UiPath, Appian to build efficient solutions. Background in FinTech, TradFi, consulting, or related technical program management; customer-facing roles are valued. Knowledge of risk and control issues in evolving tech areas (crypto, cloud, data lakes, ML). Certifications such as CISA, CISSP, CISM are a plus. Coding knowledge is a plus but not required (e.g., building data joins, integrations with GRC and data visualization tools). Job #: P69475 #LI-Remote EEO and privacy
Pay Transparency Notice and range: $167,280—$196,800 USD. Full-time offers include target bonus, target equity, and benefits. Coinbase is an Equal Opportunity Employer; all qualified applicants will be considered without regard to race, color, religion, gender, national origin, age, disability, veteran status, sex, gender identity or expression, or other legally protected characteristics. Coinbase may consider applicants with criminal histories as required by law. References to employee rights, E-Verify, and data privacy notices are provided in the original posting as applicable. For accessibility accommodations, contact accommodations@coinbase.com.
#J-18808-Ljbffr