Senior Manager, Technology Risk

πŸ“ World
USD 230,300-270,900 per year
SENIOR
✅ Hybrid

Used Tools & Technologies

Not specified

Required Skills & Competences

Security @ 4 Machine Learning @ 7 Leadership @ 4 Mentoring @ 4 Jira @ 7 FinTech @ 4 Project Management @ 7 Reporting @ 4 Audit @ 4 Compliance @ 4 Web3 @ 4

Details

At Coinbase, our mission is to increase economic freedom in the world by building the emerging onchain platform and the future global financial system. The Senior Manager, Technology Risk will serve on the Coinbase Technology Risk & Controls team to support implementation and maturity of the technology and security risk management program. This role is both operational (building high-utility, low-friction processes and tooling for fast-moving technical teams) and technical (partnering with and challenging engineering teams on risk quantification and mitigation).

Responsibilities

  • Enable risk-informed business outcomes by communicating quantitative and qualitative tradeoffs to teams and leadership.
  • Partner with engineering to challenge assumptions on risk quantification, mitigation plans, and key risk indicators.
  • Build, grow, and coach a team of technology and security risk analysts; provide ongoing feedback and mentorship.
  • Manage risks across the risk lifecycle: intake, triage, analysis, calculation of inherent/residual risk, facilitation of treatment decisions, pressure-testing of decisions, and validation of mitigation execution.
  • Maintain a source-of-truth risk register: quality control of data, tooling support, and implementation of automation/process improvements.
  • Iterate on program elements: analyze variables to improve threat models and risk scoring methodologies.
  • Report on risk posture: synchronous and asynchronous reporting of findings, metrics, and recommended mitigations to leadership and business risk owners.
  • Develop and execute communications and training plans to roll out the technology risk program; maintain runbooks, intra-web pages, and risk dashboards.
  • Align with Enterprise Risk Management to escalate and report risks through the enterprise risk register as needed.
  • Collaborate globally to scale the risk framework across Coinbase entities, products, and geographies; work with GRC, Legal, and Compliance for assessments and reporting to meet regulatory requirements.
  • Support responses to US and international audit and regulator inquiries by compiling required data.
  • Maintain awareness of international regulation, emerging threats, policies, and industry benchmarks.

Requirements

  • 10+ years of experience in 1st- or 2nd-line-of-defense risk management and/or Governance, Risk, and Compliance (GRC) organizations.
  • Experience working across both 1st and 2nd lines of defense in highly technical domains or roles.
  • Demonstrable outcomes partnering with highly technical teams (e.g., engineering organizations).
  • Demonstrable examples of leveraging risk to enable business outcomes (not only to meet regulatory/compliance requirements).
  • Technology risk domain knowledge across IT domains such as asset management, resilience, systems development lifecycle, and infrastructure.
  • Familiarity with standards and frameworks: ISO 27001/27005, NIST CSF, COBIT, ITIL, DORA, and FAIR risk quantification methodology.
  • Clear and concise communicator and writer; experience operationalizing project plans, documenting deliverables for junior and senior stakeholders, and translating control/risk standards into functional requirements.
  • Comfortable with project management tooling (e.g., Jira, Archer) and strong organization/project management skills.
  • Demonstrable experience managing and mentoring analysts to grow their capabilities and careers.
  • Ability to navigate ambiguity and manage multiple assessments against strategic priorities.
  • Drive for continuous learning and willingness to embrace a steep learning curve.

Nice to haves

  • Experience in Technology or FinTech industry risk management.
  • Coding knowledge a plus (e.g., building data joins, integrations with GRC tools, data visualization tools).
  • Working knowledge of major regulatory/legal frameworks (US and international) that drive technology requirements.
  • Strong knowledge of risk/control issues related to evolving technologies (crypto, mobile, cloud, data lakes, machine learning).
  • Certifications (optional): CRISC, CISA, CISSP, CISM, FAIR.
  • Demonstrated beginner/intermediate knowledge of crypto/blockchain/web3.

Benefits

  • Full-time offers include bonus eligibility, equity eligibility, and benefits (medical, dental, vision, and 401(k)).
  • Medical, dental, and vision plans with generous employee contributions.
  • Health Savings Account with company contributions.
  • Disability and life insurance, 401(k) with company match.
  • Wellness stipend, mobile/internet reimbursement, connections stipend.
  • Volunteer time off, fertility counseling and benefits, generous time off/leave policy.
  • Option to be paid in digital currency.

Pay Transparency

  • Target annual salary range (depending on work location): $230,265 – $270,900 USD.

Location & Work Model

  • Coinbase is remote-first but not remote-only; in-person participation is required throughout the year for team and company offsites. Attendance is expected and supported. This role requires collaboration with global teams and regulatory stakeholders.