Senior Product Security Engineer, Assessments

Details

At Coinbase we aim to increase economic freedom by building the emerging onchain platform and the future global financial system. This role is part of the Application Security org and focuses on offensive security: leading and conducting penetration testing and red team activities, participating in bug bounty triage, contributing to security automation, and supporting incident response. The role is a technical lead position that will oversee junior engineers in the same time zone and collaborate closely with product and engineering teams.

Responsibilities

• Lead and conduct internal penetration testing engagements on web and mobile applications and services.
• Lead and conduct Red Team operations to test the resiliency of security protections.
• Document and report findings from security assessments and penetration tests.
• Collaborate with engineering teams to prioritize and remediate known vulnerabilities.
• Participate in the triage and validation of bug bounty submissions and manage bug bounty workflows.
• Contribute to the development of security tools and automation to improve testing efficiency.
• Contribute to development and improvement of security testing methodologies.
• Provide on-call support for product security incidents and incident response activities.
• Lead and participate in red team activities to identify weaknesses across network and application-level security boundaries.

Requirements

• Bachelor's or Master's degree in Computer Science, Cybersecurity, Software Engineering, or a related field.
• At least one relevant security certification (e.g., OSCP, GPEN).
• 5+ years of experience in application security, penetration testing, bug bounty triage, or other offensive security roles.
• 3+ years of Red Team experience with a track record of breaking complex systems using novel techniques.
• Experience with programming languages such as Go, JavaScript, Python, or Ruby.
• Expert understanding of Web2 security concepts and common vulnerabilities (e.g., OWASP Top 10, SANS Top 25).
• Experience with bug bounty programs and platforms.
• Strong analytical skills to identify trends and patterns in penetration testing findings.
• Excellent communication skills to effectively communicate with external researchers and internal teams.
• Energy and self-drive for continuous learning in the rapidly changing crypto space.
• Ability to work independently, own penetration testing and red team engagements, and oversee junior engineers.
• Experience building relationships with product, engineering, and other security teams.

Nice to haves

• Participation in computer security competitions (CTFs), Bug Bounty programs, open source security research, CVE analysis.
• Experience in Web3 security, network security and/or cloud security.
• Experience developing and implementing security tooling to support penetration testing and AI penetration testing activities.
• Experience pentesting AI systems and large language models (LLMs).

Compensation

• Pay Range (target annual salary): ₹6,612,600 — ₹6,612,600 INR. Full time offers also include target bonus, target equity, and benefits (medical, dental, vision).

Work model

• Coinbase is remote-first but not remote-only; in-person participation is required throughout the year and attendance at team/company offsites is expected.

Benefits

• Medical insurance including Dental & Vision for employees and dependants
• Group Personal Accidental Insurance
• Group Term Life Insurance
• Employee Stock Purchase Plan (ESPP)
• Wellness Stipend
• Mobile/Internet Reimbursement
• Connections Stipend
• Learning and Development Allowance
• Employee Assistance Program
• Travel Medical Policy – Global Traveler
• Fertility Benefits
• Generous Time Off/Leave Policy

Additional notes

• Position ID: P69494
• Coinbase is an equal opportunity employer and provides reasonable accommodations for candidates with disabilities. Some roles may pilot AI tools for initial screening interviews; humans review AI outputs and AI is not used to make final employment decisions.