Senior Application Security Engineer

Details

At Coinbase, our mission is to increase economic freedom in the world by building the emerging onchain platform and the future global financial system. The Application Security organization is seeking an experienced Senior Security Engineer to design, implement, and deploy baseline security solutions to improve the security of all Coinbase apps and services. This role collaborates closely with engineering teams, product managers, and other security engineers to embed security best practices throughout the software development lifecycle and to remediate classes of security vulnerabilities at scale.

Responsibilities

• Design, implement, and deploy baseline security controls to secure all Coinbase apps and services.
• Design, implement, and deploy security guardrails to eliminate classes of security vulnerabilities at scale.
• Build automation to scale the security review process.
• Collaborate with engineering teams to provide expert guidance on secure product development, secure vendor product integration, and vulnerability remediation.
• Evaluate and recommend new security technologies and solutions to enhance the company's security posture.
• Participate in incident response activities, providing architectural insights and recommendations for containment and remediation.
• Mentor and guide junior security engineers and security champions on security best practices and architectural principles.
• Influence and drive strategic security initiatives to improve overall security maturity and efficiency.

Requirements

• Bachelor’s degree in Computer Science, Computer Engineering, or a related field.
• 5+ years of experience in software development, security architecture, application security, or offensive security roles, with a strong focus on building security systems.
• Experience designing and implementing automated security tools in Python or Go.
• Deep understanding of secure system design principles, and authentication and authorization mechanisms.
• Proficiency designing and implementing security solutions across various technology stacks and cloud environments (e.g., AWS, GCP, Azure).
• Strong experience with threat modeling methodologies and security design/reviews to inform system development.
• Excellent communication and interpersonal skills to articulate complex security concepts to technical and non-technical audiences.
• Proven ability to work independently and collaboratively in a fast-paced, dynamic environment and to influence change across an organization.

Nice to haves

• Master’s degree in Computer Science or a related field.
• AI security experience.
• Experience with Web3 security concepts, blockchain technologies, and smart contract security.
• Experience with large-scale distributed systems and microservices architectures.

Compensation & Other Details

• Pay Range (target annual salary, depending on work location): $186,065 — $218,900 USD. Full-time offers may also include target bonus, target equity, and benefits (medical, dental, vision, 401(k), etc.).
• Position ID: P70661
• The role is remote-first but not remote-only; in-person participation and attendance at team/company offsites are expected throughout the year.

Benefits

• Medical, dental, and vision plans
• Health Savings Account with company contributions
• Disability and life insurance
• 401(k) with company match
• Wellness stipend, mobile/internet reimbursement, connections stipend
• Volunteer time off, fertility counseling and benefits
• Generous time off/leave policy
• Option to get paid in digital currency