Description:
At Coinbase, we view security as one of our core product features. As part of this role, you would be joining the dedicated Security team supporting our Institutional business lines and helping to create a secure user experience for our customers. You will support operations for some of our core security processes, as well as partnering closely with our product partners and other core teams to help design product features that will maximize security without adding unnecessary friction. As part of this role, you’ll work closely with product engineers, cryptography engineers, and other technical teams, so a deep understanding of backend systems will be a significant benefit in this role. The Institutional business at Coinbase is evolving rapidly, making this a great opportunity to be a part of furthering Coinbase’s mission of being the Most Trusted crypto company.
What you’ll be doing (ie. job duties):
- Manage the Information Security program for our German entity, focusing on 1LOD IT security duties for CBG, ensuring compliance with BaFIN regulations.
- Operate core security processes supporting our Coinbase systems used by our German entity, with a focus on local IT system assets, IT applications utilized by CBG staff, and identity access management.
- Security Incident and Event Management (SIEM) log collection and rationalization, including identifying all CBG-accessed systems, ensuring log collection and response protocols are recorded and followed.
- Monitor and provide oversight of all IT security projects for CBG, including identity and access management, with attention to key local roles and responsibilities and potential privileged access by CBG staff.
- Identify possible toxic combinations in access management and assist with the User Access Review (UAR) process to ensure security compliance.
- Submit and manage all 1LOD CBG Security Risk Reviews, tracking and managing all security risks associated with CBG operations.
- Execute data analysis to evaluate the effectiveness of our security product initiatives and identify opportunities to better achieve our goals.
- Policy and risk management documentation and design.
- Analysis and implementation of regulatory requirements as our covered entities continue to expand.
What we look for in you (ie. job requirements):
- You are an expert at designing and improving operational processes to increase efficiency at scale, especially in environments subject to regulatory oversight such as BaFIN.
- You have experience in IT security, with a focus on local IT system controls and control management
- Strong knowledge of SIEM log collection and rationalization, and can ensure procedures are well-documented and followed.
- Strong knowledge of identity and access management practices, with the ability to identify and mitigate toxic combinations and manage privileged access controls.
- You are highly skilled at evaluating and reporting on data for large-scale initiatives, including at an executive level.
- Ability to communicate with both technical and non-technical stakeholders to drive cross-functional alignment, with particular focus on local IT security roles and responsibilities within CBG.
- Continuous learning mindset to stay on top of emerging threats and technologies, with a willingness to apply processes unique to the challenges at Coinbase, particularly in a highly regulated environment.
- Technical understanding of backend engineering architectures, with experience in monitoring and providing oversight of IT security projects.
- Experience with SQL, ideally in Snowflake or a similar platform.