Security Compliance Manager

Security Compliance Manager at Coinbase

Coinbase stores more digital currency than any company in the world, making us a top-tier target on the internet. Security is core to our mission and has been a key competitive differentiator for us as we scale worldwide. Essential to scaling is building and running a security compliance program that reflects how we protect the data and assets in our care, to open the doors with customers, regulators, auditors, and other external stakeholders. If you love working with fast-moving companies to build security compliance engines from the ground up and effect change across the business, we’d like to speak with you about joining our team.

Coinbase is looking for a security compliance manager to help drive and implement the security compliance roadmap and collaborate with teams across the company to understand and meet our security requirements.

Responsibilities:

  • Provide subject matter expertise on processes, controls, and objectives around audit and security activities

  • Manage and report security assessments and ongoing monitoring activities across Coinbase’s security requirements and best practices

  • Partner with other compliance teams to map and maintain all controls in the common GRC platform

  • Assist with collecting and maintaining evidence for external assessors and auditors

  • Author and roll out policies, standards, and procedures in collaboration with other teams

  • Evaluate and report on security risks, processes, and projects to various stakeholders

  • Provide written documentation in response to various audit and compliance requests

  • Stay current on developing regulatory and compliance changes and provide guidance on new security and privacy requirements

  • Work across the Security team to effect culture change and help teams implement automated compliance into their workflows

Requirements: 

  • 3+ years of experience in security or technology compliance. Strong familiarity with and track record of implementing security standards or frameworks including at least two of the following: ISO/IEC 27001, SOC 1, SOC 2, GDPR, PCI DSS 3.2, NIST CSF, NIST 800-53, FFIEC.

  • Experience developing or building control environments in financial services or fintech companies

  • Experience designing, implementing, configuring, or testing security and technology controls with stakeholders and managing multiple business priorities.

  • General knowledge across GRC with deeper expertise in your areas of focus

  • Relevant BA/BS degree and/or certifications (CISA, CISSP, CISM, CRISC)

Preferred:

  • AWS experience is a plus

 

Coinbase is committed to diversity in its workforce and is proud to be an equal opportunity employer. Coinbase does not make hiring or employment decisions on the basis of race, color, religion, creed, gender, national origin, age, disability, veteran status, marital status, pregnancy, sex, gender expression or identity, sexual orientation, citizenship, or any other basis protected by applicable local, state or federal law. Coinbase will also consider for employment qualified applicants with arrest and conviction records in a manner consistent with San Francisco’s Fair Chance Ordinance and similar local laws.