Coinbase
Ready to be pushed beyond what you think you’re capable of?
At Coinbase, our mission is to increase economic freedom in the world. It’s a massive, ambitious opportunity that demands the best of us, every day, as we build the emerging onchain platform — and with it, the future global financial system.
To achieve our mission, we’re seeking a very specific candidate. We want someone who is passionate about our mission and who believes in the power of crypto and blockchain technology to update the financial system. We want someone who is eager to leave their mark on the world, who relishes the pressure and privilege of working with high caliber colleagues, and who actively seeks feedback to keep leveling up. We want someone who will run towards, not away from, solving the company’s hardest problems.
Our work culture is intense and isn’t for everyone. But if you want to build the future alongside others who excel in their disciplines and expect the same from you, there’s no better place to be.
While many roles at Coinbase are remote-first, we are not remote-only. In-person participation is required throughout the year. Team and company-wide offsites are held multiple times annually to foster collaboration, connection, and alignment. Attendance is expected and fully supported.
At Coinbase, we view security as one of our core product features. As part of this role, you would be joining the dedicated Security team supporting our Institutional business lines and helping to create a secure user experience for our customers. You will support operations for some of our core security processes, as well as partnering closely with our product partners and other core teams to help design product features that will maximize security without adding unnecessary friction. As part of this role, you’ll work closely with product engineers, cryptography engineers, and other technical teams, so a deep understanding of backend systems will be a significant benefit in this role. The Institutional business at Coinbase is evolving rapidly, making this a great opportunity to be a part of furthering Coinbase’s mission of being the Most Trusted crypto company.
What you'll be doing (ie. job duties):
Lead and develop the comprehensive information security strategy and program as the foundational security leader supporting the local entity CEO
Design, implement, and manage security threat modeling, penetration testing, secure cryptographic key management, and data separation initiatives
Security leader of a small team of security specialists whose team will grow with the business
Architect and deploy technical security infrastructure and controls to protect critical business assets and meet regulatory compliance requirements
Lead engineering build activities for custom security tools, monitoring systems, and automated security controls tailored to business requirements
Fully build and own all local security controls within the entity, ensuring comprehensive coverage of security functions from the ground up
Conduct security analysis of software code, applications, and systems to identify vulnerabilities and implement remediation strategies
Manage security operations and incident response procedures, including crisis communication and board-level reporting during security events
Lead M&A due diligence activities to assess security risks and threat surfaces of potential acquisition targets
Define and execute integration strategies for acquired companies, ensuring seamless security alignment and risk mitigation
Evaluate and determine which security functions require in-house capabilities versus outsourced solutions to meet local regulatory and business needs
Develop and maintain security policies, risk management frameworks, and compliance documentation aligned with industry best practices and regulatory requirements
What we look for in you (ie. job requirements):
Proven expertise as a hands-on security practitioner with deep specialization in at least one of: penetration testing, software engineering, security architecture, or secure product development
Strong software engineering background with ability to read, analyze, and perform security assessments of complex codebases
Demonstrated experience designing and implementing technical security infrastructure, controls, and architectures at scale
Leadership experience building and managing security teams, with ability to scale from individual contributor to management
Security operations and incident response expertise, including crisis management and communication during security events
Executive-level communication skills with ability to present security strategy and risk assessments to board members and C-suite executives
Experience working in highly regulated industries with complex compliance requirements and regulatory frameworks
Strong technical understanding of backend engineering architectures, cloud security, and modern application security principles
Technical capability to evaluate when to insource or integrate security capabilities to strengthen and address organizational security needs
Experience evaluating and determining which security functions require in-house capabilities versus outsourced solutions to meet regulatory and business needs
Nice to haves:
Knowledge of cryptography, multi-party computation, and secure key management best practices
Advanced penetration testing certifications such as OSCP, OSCE, GPEN, or similar hands-on security certifications
Hands-on engineering experience building custom security tools, automation platforms, and infrastructure-as-code implementations
Background in financial services, fintech, or cryptocurrency/blockchain security
Master's degree in Information Security, Computer Science, Engineering, or related technical field
Experience with security analytics platforms and threat hunting capabilities for data-driven security decision making
Previous BISO, CISO, or senior security leadership experience in high-growth technology companies
Knowledge of regulatory frameworks specific to financial services and digital assets
Product security experience integrating security controls into software development lifecycles and designing security features for product engineering teams
Experience evaluating companies and merging security programs through acquisition or partnership activities
Job #: P69492
Pay Transparency Notice:
Depending on your work location, the target annual salary for this position can range as detailed below. Full time offers from Coinbase also include target bonus + target equity + benefits (including medical, dental, vision and 401(k)).
Pay Range:
$275,400—$324,000 USD
Please be advised that each candidate may submit a maximum of four applications within any 30-day period. We encourage you to carefully evaluate how your skills and interests align with Coinbase's roles before applying.
Commitment to Equal Opportunity
Coinbase is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, sex, gender expression or identity, sexual orientation or any other basis protected by applicable law. Coinbase will also consider for employment qualified applicants with criminal histories in a manner consistent with applicable federal, state and local law. For US applicants, you may view the Employee Rights and the Know Your Rights notices by clicking on their corresponding links. Additionally, Coinbase participates in the E-Verify program in certain locations, as required by law.
Coinbase is also committed to providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please contact us at accommodations[at]coinbase.com to let us know the nature of your request and your contact information. For quick access to screen reading technology compatible with this site click here to download a free compatible screen reader (free step by step tutorial can be found here).
Global Data Privacy Notice for Job Candidates and Applicants
Depending on your location, the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) may regulate the way we manage the data of job applicants. Our full notice outlining how data will be processed as part of the application procedure for applicable locations is available here. By submitting your application, you are agreeing to our use and processing of your data as required. For US applicants only, by submitting your application you are agreeing to arbitration of disputes as outlined here.
AI Disclosure
For select roles, Coinbase is piloting an AI tool based on machine learning technologies to conduct initial screening interviews to qualified applicants. The tool simulates realistic interview scenarios and engages in dynamic conversation. A human recruiter will review your interview responses, provided in the form of a voice recording and/or transcript, to assess them against the qualifications and characteristics outlined in the job description.
For select roles, Coinbase is also piloting an AI interview intelligence platform to transcribe and summarize interview notes, allowing our interviewers to fully focus on you as the candidate.
The above pilots are for testing purposes and Coinbase will not use AI to make decisions impacting employment . To request a reasonable accommodation due to disability, please contact accommodations@coinbase.com.
At Coinbase, our mission is to increase economic freedom in the world. It’s a massive, ambitious opportunity that demands the best of us, every day, as we build the emerging onchain platform — and with it, the future global financial system.
To achieve our mission, we’re seeking a very specific candidate. We want someone who is passionate about our mission and who believes in the power of crypto and blockchain technology to update the financial system. We want someone who is eager to leave their mark on the world, who relishes the pressure and privilege of working with high caliber colleagues, and who actively seeks feedback to keep leveling up. We want someone who will run towards, not away from, solving the company’s hardest problems.
Our work culture is intense and isn’t for everyone. But if you want to build the future alongside others who excel in their disciplines and expect the same from you, there’s no better place to be.
While many roles at Coinbase are remote-first, we are not remote-only. In-person participation is required throughout the year. Team and company-wide offsites are held multiple times annually to foster collaboration, connection, and alignment. Attendance is expected and fully supported.
At Coinbase, we view security as one of our core product features. As part of this role, you would be joining the dedicated Security team supporting our Institutional business lines and helping to create a secure user experience for our customers. You will support operations for some of our core security processes, as well as partnering closely with our product partners and other core teams to help design product features that will maximize security without adding unnecessary friction. As part of this role, you’ll work closely with product engineers, cryptography engineers, and other technical teams, so a deep understanding of backend systems will be a significant benefit in this role. The Institutional business at Coinbase is evolving rapidly, making this a great opportunity to be a part of furthering Coinbase’s mission of being the Most Trusted crypto company.
What you'll be doing (ie. job duties):
Lead and develop the comprehensive information security strategy and program as the foundational security leader supporting the local entity CEO
Design, implement, and manage security threat modeling, penetration testing, secure cryptographic key management, and data separation initiatives
Security leader of a small team of security specialists whose team will grow with the business
Architect and deploy technical security infrastructure and controls to protect critical business assets and meet regulatory compliance requirements
Lead engineering build activities for custom security tools, monitoring systems, and automated security controls tailored to business requirements
Fully build and own all local security controls within the entity, ensuring comprehensive coverage of security functions from the ground up
Conduct security analysis of software code, applications, and systems to identify vulnerabilities and implement remediation strategies
Manage security operations and incident response procedures, including crisis communication and board-level reporting during security events
Lead M&A due diligence activities to assess security risks and threat surfaces of potential acquisition targets
Define and execute integration strategies for acquired companies, ensuring seamless security alignment and risk mitigation
Evaluate and determine which security functions require in-house capabilities versus outsourced solutions to meet local regulatory and business needs
Develop and maintain security policies, risk management frameworks, and compliance documentation aligned with industry best practices and regulatory requirements
What we look for in you (ie. job requirements):
Proven expertise as a hands-on security practitioner with deep specialization in at least one of: penetration testing, software engineering, security architecture, or secure product development
Strong software engineering background with ability to read, analyze, and perform security assessments of complex codebases
Demonstrated experience designing and implementing technical security infrastructure, controls, and architectures at scale
Leadership experience building and managing security teams, with ability to scale from individual contributor to management
Security operations and incident response expertise, including crisis management and communication during security events
Executive-level communication skills with ability to present security strategy and risk assessments to board members and C-suite executives
Experience working in highly regulated industries with complex compliance requirements and regulatory frameworks
Strong technical understanding of backend engineering architectures, cloud security, and modern application security principles
Technical capability to evaluate when to insource or integrate security capabilities to strengthen and address organizational security needs
Experience evaluating and determining which security functions require in-house capabilities versus outsourced solutions to meet regulatory and business needs
Nice to haves:
Knowledge of cryptography, multi-party computation, and secure key management best practices
Advanced penetration testing certifications such as OSCP, OSCE, GPEN, or similar hands-on security certifications
Hands-on engineering experience building custom security tools, automation platforms, and infrastructure-as-code implementations
Background in financial services, fintech, or cryptocurrency/blockchain security
Master's degree in Information Security, Computer Science, Engineering, or related technical field
Experience with security analytics platforms and threat hunting capabilities for data-driven security decision making
Previous BISO, CISO, or senior security leadership experience in high-growth technology companies
Knowledge of regulatory frameworks specific to financial services and digital assets
Product security experience integrating security controls into software development lifecycles and designing security features for product engineering teams
Experience evaluating companies and merging security programs through acquisition or partnership activities
Job #: P69492
Pay Transparency Notice:
Depending on your work location, the target annual salary for this position can range as detailed below. Full time offers from Coinbase also include target bonus + target equity + benefits (including medical, dental, vision and 401(k)).
Pay Range:
$275,400—$324,000 USD
Please be advised that each candidate may submit a maximum of four applications within any 30-day period. We encourage you to carefully evaluate how your skills and interests align with Coinbase's roles before applying.
Commitment to Equal Opportunity
Coinbase is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, sex, gender expression or identity, sexual orientation or any other basis protected by applicable law. Coinbase will also consider for employment qualified applicants with criminal histories in a manner consistent with applicable federal, state and local law. For US applicants, you may view the Employee Rights and the Know Your Rights notices by clicking on their corresponding links. Additionally, Coinbase participates in the E-Verify program in certain locations, as required by law.
Coinbase is also committed to providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please contact us at accommodations[at]coinbase.com to let us know the nature of your request and your contact information. For quick access to screen reading technology compatible with this site click here to download a free compatible screen reader (free step by step tutorial can be found here).
Global Data Privacy Notice for Job Candidates and Applicants
Depending on your location, the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) may regulate the way we manage the data of job applicants. Our full notice outlining how data will be processed as part of the application procedure for applicable locations is available here. By submitting your application, you are agreeing to our use and processing of your data as required. For US applicants only, by submitting your application you are agreeing to arbitration of disputes as outlined here.
AI Disclosure
For select roles, Coinbase is piloting an AI tool based on machine learning technologies to conduct initial screening interviews to qualified applicants. The tool simulates realistic interview scenarios and engages in dynamic conversation. A human recruiter will review your interview responses, provided in the form of a voice recording and/or transcript, to assess them against the qualifications and characteristics outlined in the job description.
For select roles, Coinbase is also piloting an AI interview intelligence platform to transcribe and summarize interview notes, allowing our interviewers to fully focus on you as the candidate.
The above pilots are for testing purposes and Coinbase will not use AI to make decisions impacting employment . To request a reasonable accommodation due to disability, please contact accommodations@coinbase.com.