(Remote Work) Manager, Blockchain Security – Coinbase

Job Overview:

• Job Title: Manager, Blockchain Security
• Hiring Company: Coinbase
• Company Website: https://www.coinbase.com/
• Remote Locations: Worldwide
• Job Type:  Remote, Full-Time

Security is a primary competency at Coinbase, and the Security Team keeps a watchful eye over every aspect of it. Every day, we go to battle against some of the most sophisticated attackers in the world to protect billions of dollars worth of digital assets and ensure that our customers and employees can enjoy a safe, trusted experience. As Coinbase scales globally, our team is scaling along with it, using a blend of tooling, automation, and strategic team growth to ensure that we’re well-equipped to protect the next billion users of crypto.

Blockchain Security (BlockSec) team’s mission is to Secure funds and data from protocol through wallet. Coinbase has a unique opportunity: enabling our customers to easily and securely interface with blockchains, a.k.a. digital asset networks, a.k.a. cryptocurrencies.  Blockchains are a cutting edge technology, with many unique security considerations for any entity that supports interaction with them.  Understanding those unique considerations requires deep expertise in blockchains and the ability to maintain that expertise over time.

The mission of the Blockchain Security – CryptoSec team is to secure product integration with Blockchain. The CryptoSec team assesses security for products supporting Staking, DeFi protocols, Bridges, Cryptography, NFT, Wallet, and Blockchain Interoperability for multi-chains.

Your team’s charter includes:

• Perform security assessments and threat modeling of assets, including various blockchain protocols, smart contracts, and other distributed ledger tech.
• Partner with software engineering teams to advise on code and architecture for internal asset integrations, including node software, wallet systems, and key management frameworks.
• Contribute code to in-house blockchain monitoring software to detect abnormal or malicious behavior (51% attacks, dangerous smart contract calls, validator misbehavior, and more).
• Investigate impactful changes to the space, asset upgrades, and novel innovations such as zero-knowledge proofs and bleeding-edge blockchain protocols.
• Publish blogs and give talks (internal and external) on newfound vulnerabilities, incident investigations, unique integration risks, and related topics.

Commitment to Equal Opportunity

Coinbase is committed to diversity in its workforce and is proud to be an Equal Opportunity Employer.  All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, sex, gender expression or identity, sexual orientation or any other basis protected by applicable law. Coinbase will also consider for employment qualified applicants with criminal histories in a manner consistent with applicable federal, state and local law.  For US applicants, you may view Pay Transparency, Employee Rights and Equal Employment Opportunity is the Law notices by clicking on their corresponding links.  Additionally, Coinbase participates in the E-Verify program in certain locations, as required by law.

Coinbase is also committed to providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please send an e-mail to accommodations[at]coinbase.com and let us know the nature of your request and your contact information.  For quick access to screen reading technology compatible with this site click here to download a free compatible screen reader (free step by step tutorial can be found here).

Job Responsibilities:

• Program Development. We’re looking to you to expand and formalize our Blockchain Secure Architecture and Engineering Program. As Coinbase has grown, our Product Security function has developed organically. This program drives our Security bar across our backend Cryptocurrency architecture. The purpose is to prevent the likelihood and impact of security breaches through high quality assessments and successful remediation of security vulnerabilities.
• Team Management. Any team is only as strong as the individuals it’s composed of. Your primary concern will be the growth, development and health of the team. You’ll nurture the team, mentor them  and unblock them. You’ll help your teammates find work they enjoy, and find ways to get through the work they don’t. We’ll ask you to hire more individuals to your team, so you’ll need to identify what skills and personalities you need to get the job done. Set clear targets and objectives, and establish KPIs for the team.
• Operations.  Finally, we’re looking for someone who will be accountable to the operations of the team. You’ll work with your leadership to develop goals and metrics, and then we expect you to hold yourself accountable to them. Your quality bar defines the quality of the team, and we’re expecting yours to be high. From timelines to reviews, you’ll work to make sure the Security Assessments team runs smoothly. We’ll also ask you to coordinate external penetration testing engagements as we need them. You’ll spend a significant amount of time communicating to your team, to your peers, and across the company.

Job Requirements:

• You’ve at least 3 years experience in managing product or application security teams and at least 6 years experience and solid foundation in security
• You are passionate about growing people and helping them achieve their goals
• You’re never tired of learning. You want to be a pro in bleeding edge tech like DeFi, NFTs, DAOs, and Web 3.0.
• You can pivot on the fly. Crypto is constantly evolving, so our priorities do, too. What you worked on last month may not be what you work on today, and that excites you. You’re not looking for a boring job.
• You appreciate direct communication. You’re both an active communicator and an eager listener – because let’s face it, you can’t have one without the other. You’re cool with candid feedback and see every setback as an opportunity to grow.
• You strive to become a SME of our product security
• You enjoy presenting your thoughts in simple and succinct fashion with stakeholders and excs
• You are biased towards action. At the same time, you focus on long-term strategic planning
• You are passionate about building trust with stakeholders through effective, positive, and efficient communication

Nice to haves:

• You have experience in cryptography or blockchain technology
• If you have extensive experience securing large Rails, NodeJS, and Golang codebases, we can immediately start applying what you’ve learned to the code we are asked to secure. Even better if you’ve spent time training others on how to secure those codebases.
• If you’re fluent in Digital Assets, you’ll have less to learn about the fundamentals of our business, but we do not immediately decline candidates who are not totally fluent.

Please note that for employees based in the US, Philippines, Canada or Singapore, if your role requires you to be present in a Coinbase office or if you choose to be physically present in a Coinbase office or sponsored location, you will be required to be fully vaccinated from COVID-19 (as defined by applicable law).  If you receive an offer, you will receive additional information about the grounds and process for an exemption.

How To Apply:

Click “Apply” to fill in the application form!