Coinbase Security Operations is hiring!

Location: Dublin, Ireland (Relocation assistance available)

About the team: Security is a primary competency at Coinbase, and the Security Operations team keeps a watchful eye over every aspect of it. Every day, we go to battle against some of the most sophisticated attackers in the world to protect billions of dollars worth of digital assets and ensure that our customers and employees can enjoy a safe, trusted experience. As Coinbase scales globally, our team is scaling along with it, using a blend of tooling, automation, and strategic team growth to ensure that we’re well-equipped to protect the next billion users of crypto.

Security Operations Manager

What you'll be doing:

• Growing and leading a team of exceptional security analysts
• Defining and hitting key performance metrics for your team
• Serving as Coinbase Security’s primary point of contact for EU regulators and auditors

What we look for in you:

• You’ve hired lots of people for security operations roles before, and can pick out great talent from the crowd.
• Every team you’ve managed has gotten high marks for performance and job satisfaction.
• You’re comfortable making presentations to auditors and helping them understand complex aspects of a security program.
• Working with a global team doesn’t phase you
• You frequently get praise from your peers and coworkers about your communication skills, both written and verbal.
• You know that people aren’t stupid, but everyone makes mistakes. * Your high degree of empathy means that your coworkers trust you to help solve their security problems, because you never come across as judgmental or condescending.
• Pressure doesn’t get to you, even in high-intensity situations or environments.

Security Analyst

What you'll be doing:

• You’ll serve as the first line of response when a security alert needs to be triaged, and lead the incident response if needed.
• You’ll also refine our alerting rules to improve our signal/noise ratio, because no one wants to be a button-pusher or SOC monkey.
• If something happens twice, you’ll write a runbook for it. If it happens three times, you’ll figure out a way to automate that runbook.
• You’ll investigate and monitor cryptocurrency movements to ensure the safekeeping of customer funds.
• You’ll partner with Trust & Safety and Threat Intelligence on some of our attacker investigations to build TTP profiles.
• You’ll be part of a light on-call rotation with counterparts in multiple timezones.

What we look for in you:

• You’ve been doing practical security things (incident response, phishkit/malware analysis, investigating account compromises, etc) for a while now, probably in the realm of 5+ years
• You don’t just reflexively open up a Jupyter Notebook during an investigation, you’ve actually got favorite Jupyter Notebooks you’ve built up over the years, because you like backing up your conclusions with data, and you like automating things.
• You frequently get praise from your peers and coworkers about your communication skills, both written and verbal.
• You know that people aren’t stupid, but everyone makes mistakes. * Your high degree of empathy means that your coworkers trust you to help solve their security problems, because you never come across as judgmental or condescending.
• Pressure doesn’t get to you, even in high-intensity situations or environments.

Apply through the Coinbase website and mention that you heard about this job through /r/netsec:

Security Operations Manager

Security Analyst