Coinbase
Specialist Security Risk
7 months ago | 339 views | Be the first one to apply

Full-time
United States
$113,000 to $134,000 per year

About the company

Coinbase is one of the most trusted cryptocurrency exchanges today. It secures cash on FDIC-secured accounts, lets you securely connect and trade crypto via your bank account, and blocks suspicious accounts to ensure user safety.

Job Summary

What you’ll be doing (i.e. job duties)

📍 Assessments: Facilitate technical security risk assessments across our production and corporate environments, enabling security and privacy teams to describe risk in both qualitative and quantitative terms
📍 Maintain the Security Risk Register data: quality control of data, tooling support and automation/process improvements
📍 Manage security risks via the risk lifecycle:
📍 Intake to the risk register, triage, residual risk calculation, and analysis with subject matter experts and risk owners
📍 Facilitate agreement and execution of mitigation plans across stakeholders
📍 Enable teams and leadership to make risk-based decisions and trade-offs impacting security investment strategies and project prioritization
📍 Document and monitor risk treatment decisions to accept or remediate risks
📍 Support reporting out on findings, metrics, and recommend mitigations to security and business leadership
📍 Ad-hoc meeting planning support for risk meetings with security leadership and business risk owners
📍 Communications/Training: Develop/maintain communication/training plans to roll out the security risk program across the organization
📍 Global Engagement: Collaborate with stakeholders to help scale the program’s risk framework across Coinbase entities, products, and geographies/markets
📍 Enterprise Risk: Work in lockstep with Enterprise Risk Management to escalate risks to the enterprise risk register and report relevant metrics to senior leadership
📍 Legal: Regularly collaborate with GRCP teams, Legal and Compliance for risks, assessments, and reporting to meet regulatory requirements
📍 Audits: Support data compilation to respond to US and international audit/regulator inquiries
📍 Industry pulse: Maintain awareness of international regulation, emerging threats, forecasts, policies, and benchmarks
📍 Maintain team runbooks, team intra-web pages, and risk register metrics dashboards

What we look for in you (i.e. job requirements):

📍 2-3+ years of experience working in Security Risk and/or GRCP/Compliance
📍 Security Risk domain knowledge: security and cyber security risks, standards and frameworks i.e. ISO 27001/5, NIST CSF, FAIR risk quant methodology, etc.
📍 Experience with controls/risk management frameworks to measure controls/risks, monitor controls/risks, and validate/track/evidence remediation
📍 Ability to dig into technical risk solutions and to work on technical quantitative risk assessments
📍 Comfortable working with GRCP tools e.g. Jira, Archer etc. and quant and qualitative data analytics
📍 Ability to translate controls/risk standards out of compliance speak and into functional requirements
📍 Knowledge of risk/control best practices and knowledge of major regulatory/legal frameworks (US/international)
