Ready to be pushed beyond what you think you’re capable of?

At Coinbase, our mission is to increase economic freedom in the world. It’s a massive, ambitious opportunity that demands the best of us, every day, as we build the emerging onchain platform — and with it, the future global financial system.

To achieve our mission, we’re seeking a very specific candidate. We want someone who is passionate about our mission and who believes in the power of crypto and blockchain technology to update the financial system. We want someone who is eager to leave their mark on the world, who relishes the pressure and privilege of working with high caliber colleagues, and who actively seeks feedback to keep leveling up. We want someone who will run towards, not away from, solving the company’s hardest problems.

Our work culture is intense and isn’t for everyone. But if you want to build the future alongside others who excel in their disciplines and expect the same from you, there’s no better place to be.

While many roles at Coinbase are remote-first, we are not remote-only. In-person participation is required throughout the year. Team and company-wide offsites are held multiple times annually to foster collaboration, connection, and alignment. Attendance is expected and fully supported.

Coinbase is looking for a creative and analytical Director of Technology Risk. You will serve as a member of the Coinbase Technology Risk leadership team and oversee our technology and security risk management program. Your risk team will define, quantify, manage, and communicate risks, and use outcomes to inform business decisions. You will serve as the subject matter expert in technology risk management operations, and will make these applicable and usable for fast-moving technical teams located across global time zones.

What you’ll be doing (i.e. job duties)

Lead and oversee the second line technology and security risk team, framing and driving the vision for a Technology Risk Management framework across the three lines of defense.
Lead company-wide technology and security risk initiatives. Collaborate with technology and security leadership to design and implement efficient methods for identifying, surfacing, and reporting risks across the business.
Build, grow, and coach a team of technology and security risk analysts; foster a culture of agility and innovation, and provide ongoing performance feedback.
Oversee the implementation of risk policies, standards, and technologies to establish scalable processes that grow with the business.
Facilitate periodic second line technology and security risk assessments across production and corporate environments, enabling teams to describe risks in both qualitative and quantitative terms.
Ensure monitoring is in place for all risk treatment activities, maintaining clear communication with risk owners.
Collaborate with global stakeholders, including international risk management partners, to build a security risk management program that supports multiple entities, products, and global locations.
Keep up with international regulations, emerging threats, forecasts, policies, and benchmarks, integrating these into technology and security risk management methodologies and practices.
Partner with Enterprise Risk Management (ERM) and Operational Risk programs to provide effective and consistent second line oversight.
Develop communication plans to roll out the security risk program across the organization and provide ongoing education and support to teams.

What we look for in you (ie. job requirements)

12+ years of relevant experience in technology risk, information security risk, IT audit, and/or a related domain, with 8+ years of management experience
Solid communicator and writer; experience with drafting project plans across multiple stakeholders, holding teams accountable to their deliverables, and producing final reports
Proven ability to embed risk management practices within operations.
Knowledge of and experience with security and security risk standards and frameworks, such as the NIST Cybersecurity Framework, NIST RMF, COBIT, ISO 27005, DORA, FAIR risk quantification methodology, etc.
Expertise in all phases of the risk management lifecycle and execution of these phases within a technology or security risk management program
Self-motivated and demonstrate a sense of urgency in high-intensity environments
Shift nimbly between strategy and operations to drive the program’s success
Ability to communicate with technical and non-technical stakeholders including senior management in order to drive alignment
Enjoy solving hard problems and can turn incomplete, conflicting, or ambiguous inputs into action plans. Experience deconflicting roles and responsibilities and driving clarity.
Ability to leverage data to inform critical decisions and make recommendations
Able to manage multiple stakeholders and priorities simultaneously
Experience interacting with regulators
Knowledge of a cloud-services environment
Expertise in automation and building scalable solutions

Nice to haves:

Fintech, tech, or financial services experience
Advanced knowledge of cloud computing, Google apps, JIRA, Confluence
Master's degree or equivalent combination of education and experience (ex. in a technical area, business administration, industrial engineering)
Quantitative modeling and data visualization
Prior crypto experience and a demonstrated interest in cryptocurrencies and blockchain technologies
Information security risk management qualifications like CRISC, CISM, CISA, etc.

Job #: P62059

#LI-Remote

Pay Transparency Notice: Depending on your work location, the target annual salary for this position can range as detailed below. Full time offers from Coinbase also include target bonus + target equity + benefits (including medical, dental, vision and 401(k)).

Pay Range:

$267,325—$314,500 USD

Please be advised that each candidate may submit a maximum of four applications within any 30-day period. We encourage you to carefully evaluate how your skills and interests align with Coinbase's roles before applying.

Commitment to Equal Opportunity

Coinbase is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, sex, gender expression or identity, sexual orientation or any other basis protected by applicable law. Coinbase will also consider for employment qualified applicants with criminal histories in a manner consistent with applicable federal, state and local law. For US applicants, you may view the Employee Rights and the Know Your Rights notices by clicking on their corresponding links. Additionally, Coinbase participates in the E-Verify program in certain locations, as required by law.

Coinbase is also committed to providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please contact us at accommodations[at]coinbase.com to let us know the nature of your request and your contact information. For quick access to screen reading technology compatible with this site click here to download a free compatible screen reader (free step by step tutorial can be found here).

Global Data Privacy Notice for Job Candidates and Applicants

Depending on your location, the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) may regulate the way we manage the data of job applicants. Our full notice outlining how data will be processed as part of the application procedure for applicable locations is available here. By submitting your application, you are agreeing to our use and processing of your data as required. For US applicants only, by submitting your application you are agreeing to arbitration of disputes as outlined here.

AI Disclosure

For select roles, Coinbase is piloting an AI tool based on machine learning technologies to conduct initial screening interviews to qualified applicants. The tool simulates realistic interview scenarios and engages in dynamic conversation. A human recruiter will review your interview responses, provided in the form of a voice recording and/or transcript, to assess them against the qualifications and characteristics outlined in the job description.

For select roles, Coinbase is also piloting an AI interview intelligence platform to transcribe and summarize interview notes, allowing our interviewers to fully focus on you as the candidate.

The above pilots are for testing purposes and Coinbase will not use AI to make decisions impacting employment. To request a reasonable accommodation due to disability, please contact accommodations[at]coinbase.com

Apply for this Job

* Required

First Name *

Last Name *

Email *

Phone *

Location (City)

Resume/CV *

Dropbox

(File types: pdf, doc, docx, txt, rtf)

Cover Letter

Dropbox

(File types: pdf, doc, docx, txt, rtf)

When autocomplete results are available use up and down arrows to review

+ Add another education

+ Add another employment

Linkedin Profile URL *

Are you legally authorized to work in the country where the job is located? *

Will you now or in the future require sponsorship for local government employment visa status? *

Are you at least 18 years of age? *

Have you previously been employed by Coinbase in any capacity? *

How did you hear about this job? *

Please confirm receipt of the above linked Global Data Privacy Notice and US Arbitration Agreement. *

Do you have COBIT or ITIL experience? *

Have you worked in an environment that leverages microservices architecture? *

I understand that Coinbase may use AI tools to assist in the application and interview process. *

Voluntary Self-Identification

For government reporting purposes, we ask candidates to respond to the below self-identification survey. Completion of the form is entirely voluntary. Whatever your decision, it will not be considered in the hiring process or thereafter. Any information that you do provide will be recorded and maintained in a confidential file.

As set forth in Coinbase Careers Page’s Equal Employment Opportunity policy, we do not discriminate on the basis of any protected group status under any applicable law.

Gender

Are you Hispanic/Latino?

Please identify your race

Race & Ethnicity Definitions

If you believe you belong to any of the categories of protected veterans listed below, please indicate by making the appropriate selection. As a government contractor subject to the Vietnam Era Veterans Readjustment Assistance Act (VEVRAA), we request this information in order to measure the effectiveness of the outreach and positive recruitment efforts we undertake pursuant to VEVRAA. Classification of protected categories is as follows:

A "disabled veteran" is one of the following: a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or a person who was discharged or released from active duty because of a service-connected disability.

A "recently separated veteran" means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service.

An "active duty wartime or campaign badge veteran" means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense.

An "Armed forces service medal veteran" means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985.

Veteran Status

Voluntary Self-Identification of Disability

Form CC-305

Page 1 of 1

OMB Control Number 1250-0005

Expires 04/30/2026

Why are you being asked to complete this form?

We are a federal contractor or subcontractor. The law requires us to provide equal employment opportunity to qualified people with disabilities. We have a goal of having at least 7% of our workers as people with disabilities. The law says we must measure our progress towards this goal. To do this, we must ask applicants and employees if they have a disability or have ever had one. People can become disabled, so we need to ask this question at least every five years.

Completing this form is voluntary, and we hope that you will choose to do so. Your answer is confidential. No one who makes hiring decisions will see it. Your decision to complete the form and your answer will not harm you in any way. If you want to learn more about the law or this form, visit the U.S. Department of Labor’s Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp.

How do you know if you have a disability?

A disability is a condition that substantially limits one or more of your “major life activities.” If you have or have ever had such a condition, you are a person with a disability. Disabilities include, but are not limited to:

Alcohol or other substance use disorder (not currently using drugs illegally)
Autoimmune disorder, for example, lupus, fibromyalgia, rheumatoid arthritis, HIV/AIDS
Blind or low vision
Cancer (past or present)
Cardiovascular or heart disease
Celiac disease
Cerebral palsy
Deaf or serious difficulty hearing
Diabetes
Disfigurement, for example, disfigurement caused by burns, wounds, accidents, or congenital disorders
Epilepsy or other seizure disorder
Gastrointestinal disorders, for example, Crohn's Disease, irritable bowel syndrome
Intellectual or developmental disability
Mental health conditions, for example, depression, bipolar disorder, anxiety disorder, schizophrenia, PTSD
Missing limbs or partially missing limbs
Mobility impairment, benefiting from the use of a wheelchair, scooter, walker, leg brace(s) and/or other supports
Nervous system condition, for example, migraine headaches, Parkinson’s disease, multiple sclerosis (MS)
Neurodivergence, for example, attention-deficit/hyperactivity disorder (ADHD), autism spectrum disorder, dyslexia, dyspraxia, other learning disabilities
Partial or complete paralysis (any cause)
Pulmonary or respiratory conditions, for example, tuberculosis, asthma, emphysema
Short stature (dwarfism)
Traumatic brain injury

Disability Status

PUBLIC BURDEN STATEMENT: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete.

Enter the verification code sent to to confirm you are not a robot, then submit your application.

Security Code *

This application was flagged as potential bot traffic. To resubmit your application, turn off any VPNs, clear the browser's cache and cookies, or try another browser. If you still can't submit it, contact our support team through the help center.

Director, Technology Risk