Vacancy is archived. Applications are no longer accepted.

Analyst, Security Compliance

at Coinbase
πŸ“ United States
MIDDLE
βœ… Remote

SCRAPED

Used Tools & Technologies

Not specified

Required Skills & Competences ?

Security @ 3 GCP @ 3 Leadership @ 3 AWS @ 3 Azure @ 3 Communication @ 3 Reporting @ 3 Audit @ 3 Compliance @ 3

Details

At Coinbase, our mission is to increase economic freedom in the world by building the emerging onchain platform and the future global financial system. This role involves being passionate about crypto and blockchain technology, working with high-caliber colleagues, and solving challenging problems under pressure.

Coinbase is the largest digital currency custodian globally, making security critical. This role focuses on building and running a security compliance program to protect data and assets and ensure compliance with customers, regulators, auditors, and other stakeholders. Specifically, the analyst will drive the second line of defense in IAM (Identity and Access Management) and vulnerability management.

Responsibilities

  • Lead Security and IT initiatives supporting IAM/VM roadmap and program maturity as the 2LoD.
  • Scope IT systems and deliver training for Technology & Security audits.
  • Lead and perform security control gap assessments and track remediation.
  • Assess security control postures for new products and communicate requirements.
  • Perform impact analysis for control deficiencies and manage remediation plans.
  • Provide ongoing reporting and escalate issues to leadership.
  • Build relationships with Security IAM, vulnerability management, IT, Infrastructure, Engineering teams.
  • Work with internal and external auditors on complex technology control environments.
  • Stay aligned with IAM and VM development and provide control recommendations.
  • Develop solutions for risk mitigation and audit challenges in crypto.
  • Identify systemic program challenges and drive issue resolution.

Requirements

  • Minimum 2+ years' experience in Security.
  • BA or BS in a technical field or equivalent experience.
  • Experience auditing certification and attestation standards like PCI DSS, ISO 27001, SOC1, SOC2.
  • Understanding of cloud controls in AWS, GCP, or Azure.
  • Practical knowledge of IT Security Compliance, risk management, access control, network security, info security architecture and operations, vulnerability management.
  • Experience operationalizing IAM and VM controls including role-based access, privileged access management, and vulnerability remediation processes.
  • Excellent written and oral communication skills.
  • Strong engagement skills internally and externally.
  • Experience managing cross-functional teams and product engineering groups.
  • Ability to multitask, direct cross functional work, and meet deadlines in fast-paced environments.

Nice to Haves

  • Prior experience at Big 4 or cybersecurity consulting.
  • Security certifications such as CISA, CISSP, CISM.
  • Experience mapping controls across multiple frameworks using GRC tools.
  • Financial services or regulatory experience.

Benefits

  • Medical, Dental, Vision plans with generous contributions.
  • Health Savings Account with company contributions.
  • Disability and Life Insurance.
  • 401(k) plan with company match.
  • Wellness, Mobile/Internet, and Connections stipends.
  • Volunteer Time Off.
  • Fertility counseling and benefits.
  • Generous time off and leave policies.
  • Option to receive payment in digital currency.

Target Annual Salary Range: $135,320 to $159,200 USD plus bonus, equity, and benefits.