Senior Detection Engineer, Insider Threat

Details

Ready to be pushed beyond what you think you’re capable of?

At Coinbase, our mission is to increase economic freedom in the world. It’s a massive, ambitious opportunity that demands the best of us, every day, as we build the emerging onchain platform — and with it, the future global financial system.

We want someone passionate about our mission and who believes in the power of crypto and blockchain technology to update the financial system. We want someone eager to leave their mark on the world, relishes working with high caliber colleagues, and actively seeks feedback to keep leveling up. We want someone who will run towards solving the company’s hardest problems.

Our work culture is intense and isn’t for everyone. But if you want to build the future alongside others who excel in their disciplines and expect the same from you, there’s no better place.

Security is a primary competency at Coinbase. The Security Operations team battles sophisticated attackers daily to protect billions of dollars worth of digital assets, ensuring a safe and trusted experience. As Coinbase scales globally, the team scales by blending tooling, automation, and strategic growth to protect the next billion users of crypto.

Responsibilities

• Build and implement detections, preventions, security controls, and automations to deter insider threats and improve overall security posture.
• Test and maintain security tooling, especially for endpoint detection and investigation.
• Collaborate cross-functionally with Security, Infrastructure, IT, and Legal for technical information and to evaluate downstream impacts of builds/deployments.
• Link disparate information for aggregation, visualization, and interpretation of threat indications via query building and table joins.
• Assist with investigations, which may involve rapidly building tools or extending capabilities to aid response efforts.

Requirements

• Experience designing and implementing Insider Threat technologies such as SIEM, UBA, DLP, and understanding investigations or intelligence cycles.
• Proficient in manipulating logs, tables, and data lakes to engineer custom detections and dashboards.
• Mastery of SQL and coding languages like Python; experience creating custom alerts and automations with SOAR.
• Comfortable working cross-functionally to design and implement technical controls.
• Awareness of the insider threat landscape with understanding of legal, regulatory, and ethical considerations.
• Discreet, thoughtful, and adept at coordinating systemic, cross-functional risk mitigation solutions.
• Ability to translate complex problems into easily implemented automated solutions.
• Excellent verbal and written communication skills with experience composing briefs and training others.
• Team player comfortable as both novice and expert.
• Empathetic with a strong trust-building approach.
• 5-10+ years combined experience in security/technology or analytic roles.

Nice to Haves

• Diverse or unconventional career background.
• Familiarity with blockchains, cryptocurrency, and onchain projects.
• Experience crafting meaningful metrics.
• Background in incident response, data protection, risk management, counterintelligence, fraud detection, intellectual property theft, access and identity management, or IT engineering.

Benefits

• Medical, dental, and vision plans with generous employee contributions.
• Health Savings Account with company contributions.
• Disability and life insurance.
• 401(k) plan with company match.
• Wellness stipend.
• Mobile and internet reimbursement.
• Connections stipend.
• Volunteer time off.
• Fertility counseling and benefits.
• Generous time off and leave policy.
• Option to get paid in digital currency.

Salary

The target annual salary for this position ranges from $180,370 to $212,200 USD, with additional bonuses, equity, and benefits including medical, dental, vision, and 401(k).