Engineering Manager, Product Security

  • Applications may have closed

We’re Coinbase
We’re the world’s most trusted way to join the crypto revolution, serving more than 89 million accounts in more than 100 countries
 

Our mission is to , and we couldn’t do this without hiring the best people
We’re a group of hard-working overachievers who are deeply focused on building the future of finance and Web 3
0 for our users across the globe, whether they’re trading, storing, staking or using crypto
Know those people who always lead the group project? That’s us

There are a few things we look for across all hires we make at Coinbase, regardless of role or team
First, we look for candidates who will thrive in a like ours, where we default to trust, embrace feedback, and disrupt ourselves
Second, we expect all employees to commit to our to our work
Finally, we seek people who are excited to learn about and live crypto, because those are the folks who enjoy the intense moments in our sprint and recharge work culture
We’re a remote-first company looking to hire the absolute best talent all over the world

Ready to #LiveCrypto? Who you are:

  • You’ve got positive energy
    You’re optimistic about the future and determined to get there
     
  • You’re never tired of learning
    You want to be a pro in bleeding edge tech like DeFi, NFTs, DAOs, and Web 3
    0
     
  • You appreciate direct communication
    You’re both an active communicator and an eager listener – because let’s face it, you can’t have one without the other
    You’re cool with candid feedback and see every setback as an opportunity to grow
  • You can pivot on the fly
    Crypto is constantly evolving, so our priorities do, too
    What you worked on last month may not be what you work on today, and that excites you
    You’re not looking for a boring job
  • You have a “can do” attitude
    Our teams create high-quality work on quick timelines
    Owning a problem doesn’t scare you, but rather empowers you to take 100% responsibility for achieving our mission
  • You want to be part of a winning team
    We’re stronger together, and you’re a person who embraces being pushed out of your comfort zone

Security is a primary competency at Coinbase, and the Security Team keeps a watchful eye over every aspect of it
Every day, we go to battle against some of the most sophisticated attackers in the world to protect billions of dollars worth of digital assets and ensure that our customers and employees can enjoy a safe, trusted experience
As Coinbase scales globally, our team is scaling along with it, using a blend of tooling, automation, and strategic team growth to ensure that we’re well-equipped to protect the next billion users of crypto
We’re looking for an Engineering Manager to join the Product Security Core (ProductSec Core) Organization
ProductSec Core team’s mission is to enable Coinbase to be the most trusted & secure platform to use crypto
You will collaborate with product and engineering teams to drive secure and customer-centric product design
You will lead your team of security architects and security engineers to embed security upstream and drive cross-functional efforts to operationalize business objectives while minimizing security risks
You will own and mature the Security Development Lifecycle (SDL) for the company

What you’ll be doing:

ProductSec Core team provides security assurance services to all Coinbase product lines
These services include conducting design reviews, developing Threat Models, code reviews, penetration testing and providing trusted advisory to all engineering teams to ensure security is baked starting from the design stage to the deployment stage
This team will provide trusted security partner support to all high risk product verticals such as investments, retail, trading and platform services
You will provide security and architectural direction for the development, design, integration, testing, and maintenance of our product suite

Key Job Duties:

  • Program Development
    We’re looking to you to expand and formalize our Secure Architecture and Engineering Program
    As Coinbase has grown, our Product Security function has developed organically
    This program drives our Security bar across all services
    The purpose is to prevent the likelihood and impact of security breaches through high quality design reviews and successful remediation of security vulnerabilities
    We expect you to bring an automation-first mindset to champion and drive automation of manual tasks, and process improvements across product security operations and advocate for internal security principles, and identify creative ways to embed concepts of security by design into operational activities
  • Team Management
    Any team is only as strong as the individuals it’s composed of
    Your primary concern will be the growth, development and health of the team
    You’ll nurture the team, mentor them  and unblock them
    You’ll help your teammates find work they enjoy, and find ways to get through the work they don’t
    We’ll ask you to hire more individuals to your team, so you’ll need to identify what skills and personalities you need to get the job done
    Set clear targets and objectives, and establish KPIs for the team
  • Operations
      Finally, we’re looking for someone who will be accountable to the operations of the team
    You’ll work with your leadership to develop goals and metrics, and then we expect you to hold yourself accountable to them
    Your quality bar defines the quality of the team, and we’re expecting yours to be high
    From timelines to reviews, you’ll work to make sure the Security Partners team runs smoothly
    We’ll also ask you to coordinate and bring in other security teams such as privacy, trust and safety, offensive security engagements as we need them
    You’ll spend a significant amount of time communicating to your team, to your peers, and across the company

What we’re looking for in you:

  • At least 3 years experience in managing product or application security teams that have had to adapt to the changing needs of a business experiencing rapid growth
  • At least 6 years experience and solid foundation in security 
  • You are passionate about growing people and helping them achieve their goals
  • You’ll be providing support and mentorship for application security engineers, so you’ll need to have enough experience in the field to guide them as they grow
     
  • From time to time, you may take on a review project for yourself to keep your skills relevant
  • We look for individuals who are clear, direct, and kind in their communications
     
  • Ability to communicate with technical SMEs and non-technical stakeholders in order to drive alignment
  • You have an energy and self-drive for continuous learning as Crypto is a constantly and rapidly changing space
  • Ability to do both long term thinking and short term planning
  • We’ll need a manager capable of becoming a SME in one of our product technical architecture
    This requires deep technical experience in software development, secure design, threat modeling, and application security
  • Building stakeholder relationships is a crucial aspect of the role
    A successful candidate will use every interaction as an opportunity to build trust through effective, positive, and efficient communication

Nice to haves:

  • You have experience in cryptography or blockchain technology
  • If you have extensive experience securing large Rails, NodeJS, and Golang codebases, we can immediately start applying what you’ve learned to the code we are asked to secure
    Even better if you’ve spent time training others on how to secure those codebases

Please note that for employees based in the US, Philippines, Canada or Singapore, if your role requires you to be present in a Coinbase office or if you choose to be physically present in a Coinbase office or sponsored location, you will be required to be fully vaccinated from COVID-19 (as defined by applicable law)
  If you receive an offer, you will receive additional information about the grounds and process for an exemption

Commitment to Equal Opportunity

Coinbase is committed to diversity in its workforce and is proud to be an Equal Opportunity Employer
  All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, sex, gender expression or identity, sexual orientation or any other basis protected by applicable law
Coinbase will also consider for employment qualified applicants with criminal histories in a manner consistent with applicable federal, state and local law
  For US applicants, you may view , and notices by clicking on their corresponding links
  Additionally, Coinbase participates in the in certain locations, as required by law
    

Coinbase is also committed to providing reasonable accommodations to individuals with disabilities
If you need a reasonable accommodation because of a disability for any part of the employment process, please send an e-mail to accommodations[at]coinbase
com and let us know the nature of your request and your contact information
  For quick access to screen reading technology compatible with this site a free compatible screen reader

Global Data Privacy Notice for Job Candidates and Applicants

Depending on your location, the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) may regulate the way we manage the data of job applicants
Our full notice outlining how data will be processed as part of the application procedure for applicable locations is available
By submitting your application, you are agreeing to our use and processing of your data as required