Senior Analyst, Security Risk

Senior Analyst, Security Risk

• Location: United States (Remote)
• Type: Full-time

About Coinbase:

At Coinbase, we are committed to increasing economic freedom globally by building an on-chain platform that will power the future financial system. We are looking for passionate individuals who believe in the transformative potential of crypto and blockchain technology to help us achieve this mission.

Role Overview:

As a Senior Analyst in Security Risk, you will lead Coinbase’s security risk management program. In this role, you will enable security and privacy teams to make informed, risk-based decisions, ensuring security risks are identified, assessed, and mitigated effectively. You’ll apply security risk management standards and frameworks to help technical teams address security challenges in fast-paced environments.

Key Responsibilities:

• Facilitate security and privacy risk assessments across production and corporate environments, using both qualitative and quantitative risk metrics.
• Develop and communicate security risk programs across teams, providing ongoing education and support.
• Maintain the Security Risk Register and manage tooling and automation.
• Drive mitigation plans by collaborating with business stakeholders and ensuring risk-based decision-making.
• Report findings to senior management and recommend risk mitigation strategies.
• Work closely with regional and international risk management partners to integrate a global security risk management program.
• Collaborate with Legal and Compliance teams to ensure regulatory requirements are met.
• Stay updated on relevant international regulations, emerging threats, and policies.
• Partner with security teams to incorporate security and privacy risk reporting into the security maturity model.

Required Qualifications:

• 5+ years of experience in information security risk management and/or security compliance.
• Strong communication skills with the ability to draft project plans, hold teams accountable, and produce final reports.
• Familiarity with security standards and frameworks, such as ISO27001/5.
• Knowledge of security risk management frameworks, including NIST CSF and FAIR risk quantification methodology.

Preferred Qualifications:

• Master’s degree or equivalent experience in a technical, business, or engineering field.
• Knowledge of global regulatory requirements related to cybersecurity, data privacy, and global trade compliance.
• Security certifications such as CISA, CISSP, or CISM.
• Experience in cloud services environments.
• Expertise in automation and scalable solution building.

Compensation and Benefits:

• Pay Range: $167,280 USD - $196,800 USD/year
• Full benefits, including medical, dental, vision, 401(k), target bonus, and equity.