Principal, International Security GRC Analyst

• You’ve got positive energy. You’re optimistic about the future and determined to get there. 
• You’re never tired of learning. You want to be a pro in bleeding edge tech like DeFi, NFTs, DAOs, and Web 3.0. 
• You appreciate direct communication. You’re both an active communicator and an eager listener - because let’s face it, you can’t have one without the other. You’re cool with candid feedback and see every setback as an opportunity to grow.
• You can pivot on the fly. Crypto is constantly evolving, so our priorities do, too. What you worked on last month may not be what you work on today, and that excites you. You’re not looking for a boring job.
• You have a “can do” attitude. Our teams create high-quality work on quick timelines. Owning a problem doesn’t scare you, but rather empowers you to take 100% responsibility for achieving our mission.
• You want to be part of a winning team. We’re stronger together, and you’re a person who embraces being pushed out of your comfort zone.

Team: We are looking for a Principal Security Analyst to be based in India for International Security team. Your role includes: supporting ongoing business demands and continued expansion across APAC while coordinating with global peers.  

What you’ll be doing: 

• Support ongoing International security and technology activities and facilitate company growth / expansion into new regulated jurisdictions across APAC.  
• Lead and drive continuous improvement on service management of critical outsourced services providers  including SLA reporting on Technology, Security and Data services
• Establish and execute quarterly, annual security GRC objectives for Coinbase APAC and develop and execute program maturity models for continuous program improvements.
• Monitor evolution and changes in APAC and international security standards and guidance, advise team and stakeholders on impact
• Drive compliance against technology regulatory requirements 
• Serve as one of the primary security touchpoints with APAC regulatory bodies
• Lead product launch reviews focusing on technology and security requirements and associated risks
• Lead APAC technology risk assessments , manage risk treatment and monitor and report outcomes to APAC entities
• Partner with your global Security colleagues to create culture change and ensure security best practices company wide are reflected in Coinbase US and International activities

What we look for in you:

• 10+ years of experience in security or technology governance, risk, or compliance with experience leading and/or building a team of full time employees and when required  contractor support. 
• 4+ years of experience working within Financial Services or FinTech
• Track record of implementing security standards or frameworks including at least two  of the following:, ISO 27001, NIST CSF, NIST 800-53
• Experience in reporting technology and security  posture to senior stakeholders
• Prior experience working closely with auditors and external regulators
• Ability to navigate ambiguity and are energised by bringing order to lots of moving parts
• Ability to partner with cross-functional teams: Product Engineering, Enterprise Risk,  Legal, Data Governance, Customer Experience and Compliance, previous experience working with various global sites to implement coordinated efforts.
• Outstanding communication and writing skills that enable you to proactively build relationships, inform others, and clearly explain security requirements to any team

Nice to haves:

• You have a relevant BA/BS degree in a technical field or equivalent experience
• One of more of the following certifications: CISSP, CISM, CISA, CRISC, or other relevant certifications  
• Experience working within Cloud native environments
• Experience working with global regulators

Commitment to Equal Opportunity

Coinbase is committed to diversity in its workforce and is proud to be an Equal Opportunity Employer.  All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, sex, gender expression or identity, sexual orientation or any other basis protected by applicable law. Coinbase will also consider for employment qualified applicants with criminal histories in a manner consistent with applicable federal, state and local law.  For US applicants, you may view Pay Transparency, Employee Rights and Know Your Rights notices by clicking on their corresponding links.  Additionally, Coinbase participates in the E-Verify program in certain locations, as required by law. 

Coinbase is also committed to providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please send an e-mail to accommodations[at]coinbase.com and let us know the nature of your request and your contact information.  For quick access to screen reading technology compatible with this site click here to download a free compatible screen reader (free step by step tutorial can be found here).

Global Data Privacy Notice for Job Candidates and Applicants

Depending on your location, the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) may regulate the way we manage the data of job applicants. Our full notice outlining how data will be processed as part of the application procedure for applicable locations is available here. By submitting your application, you are agreeing to our use and processing of your data as required. For US applicants only, by submitting your application you are agreeing to arbitration of disputes as outlined here.