Ready to be pushed beyond what you think you’re capable of? At Coinbase, our mission is to increase economic freedom in the world. It’s a massive, ambitious opportunity that demands the best of us, every day, as we build the emerging onchain platform — and with it, the future global financial system. To achieve our mission, we’re seeking a very specific candidate. We want someone who is passionate about our mission and who believes in the power of crypto and blockchain technology to update the financial system. We want someone who is eager to leave their mark on the world, who relishes the pressure and privilege of working with high caliber colleagues, and who actively seeks feedback to keep leveling up. We want someone who will run towards, not away from, solving the company’s hardest problems. Our work culture is intense and isn’t for everyone. But if you want to build the future alongside others who excel in their disciplines and expect the same from you, there’s no better place to be. While many roles at Coinbase are remote-first, we are not remote-only. In-person participation is required throughout the year. Team and company-wide offsites are held multiple times annually to foster collaboration, connection, and alignment. Attendance is expected and fully supported. At Coinbase, identity and access controls are foundational to protecting customer funds, sensitive data, and the trust that underpins our position as the world's most trusted crypto platform. The Identity and Access Management (IAM) program, housed within Security, is a cross-functional team that designs, builds, and governs workforce identity services, privileged access controls, and automated governance across a complex and rapidly evolving technology ecosystem and regulatory landscape. This role serves as a senior technical leader within the IAM program, partnering with Engineering, IT, Platform, and business teams to architect and deliver identity solutions that balance zero-trust security with workforce enablement, reduce insider risk, and satisfy global regulatory requirements. What you’ll be doing (ie. job duties): - Lead the architectural vision and security engineering execution for Coinbase’s Identity and Access Management (IAM) and workforce security platforms across our multi-cloud infrastructure, extensive third-party SaaS ecosystem, and internally developed applications. - Evaluate, design, and implement "build, buy, or hybrid" strategies for workforce Identity Governance and Administration (IGA), integrating commercial tools with custom middleware and machine learning or AI models to automate complex access lifecycles and maximize ROI. - Write high-quality code to build scalable automation, custom integrations, and self-service guardrails that embed intelligent identity controls directly into CI/CD pipelines, SaaS provisioning workflows, and internal enterprise tooling. - Conduct comprehensive threat modeling and security architecture reviews for foundational identity systems and critical SaaS integrations, utilizing automated threat intelligence and AI-assisted analysis to proactively identify attack vectors and design resilient mitigations. - Partner with Engineering, IT, HR, AI/ML, and Product teams to align security initiatives with business goals, balancing robust zero-trust security with developer velocity and seamless workforce enablement. - Act as the directly responsible individual (DRI) for complex, cross-team security initiatives, mentoring junior and mid-level engineers, and influencing senior leadership on risk tradeoffs and next-generation workforce security strategies. What we look for in you (ie. job requirements): - 7+ years of proven experience in software engineering, security engineering, or systems architecture, with a deep, Staff-level focus on Identity and Access Management and enterprise workforce security. - Must be proficient in at least one programming language (e.g., Python, Go) and be able to effectively leverage AI-assisted development tools to build security tooling, automate workflows, and accelerate code review. - Demonstrated track record of successfully implementing complex hybrid IAM infrastructures, integrating a massive footprint of third-party SaaS applications alongside internally developed microservices. - Deep operational and architectural understanding of Identity Governance and Administration (IGA) processes, including automated provisioning/deprovisioning (JML workflows), continuous access reviews, and privileged access management (PAM) across a diverse enterprise fleet. - Extensive expertise in modern identity protocols (SAML, OAuth2, OIDC, SCIM), cloud IAM (AWS and GCP), and dynamic access control frameworks (RBAC, ABAC, ReBAC) that adapt based on behavioral context and AI-driven risk scoring. - Strong background in applied risk management, automated threat modeling, and zero-trust architecture principles applied to high-growth distributed systems and globally distributed workforces. - An execution-focused mindset with the ability to navigate ambiguity, drive alignment without direct authority, and communicate highly technical risk concepts to business stakeholders. - Experience driving security and engineering outcomes across decentralized or federated organizational structures, where the ability to build consensus, influence without direct authority, and coordinate delivery across multiple contributing teams is essential to success. Nice to haves: - Experience operating in a hyper-growth tech, FinTech, or crypto environment, navigating strict regulatory landscapes (e.g., SOX) specifically regarding workforce access, logging, and auditing. - Experience governing non-FTE workforce populations (such as BPO, contractors, and M&A) at scale, including birthright access design, role-based access control for high-risk personas, and timely deprovisioning across complex identity lifecycles. - Hands-on experience with Policy-as-Code paradigms (like Open Policy Agent) and integrating machine learning to automate policy generation, detect permission anomalies, or streamline IGA certification campaigns. - Experience managing identity boundaries for AI/ML workloads, including securing workforce access to large language models, training data pipelines, and inference infrastructure. Job #: P76467 Pay Transparency Notice: Depending on your work location, the target annual salary for this position can range from $218,025 to $256,500 + target bonus + target equity + benefits (including medical, dental, vision and 401(k)). #LI-Remote Pay Transparency Notice: Depending on your work location, the target annual base salary for this position can range as detailed below. Total compensation may also include equity and bonus eligibility and benefits (including medical, dental, vision and 401(k)). Annual base salary range (excluding equity and bonus): $218,025—$256,500 USD Please be advised that each candidate may submit a maximum of four applications within any 30-day period. We encourage you to carefully evaluate how your skills and interests align with Coinbase's roles before applying. Commitment to Equal OpportunityCoinbase is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, sex, gender expression or identity, sexual orientation or any other basis protected by applicable law. Coinbase will also consider for employment qualified applicants with criminal histories in a manner consistent with applicable federal, state and local law. For US applicants, you may view the Employee Rights and the Know Your Rights notices by clicking on their corresponding links. Additionally, Coinbase participates in the E-Verify program in certain locations, as required by law. Coinbase is also committed to providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please contact us at accommodations[at]coinbase.com to let us know the nature of your request and your contact information. For quick access to screen reading technology compatible with this site click here to download a free compatible screen reader (free step by step tutorial can be found here). Global Data Privacy Notice for Job Candidates and ApplicantsDepending on your location, the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) may regulate the way we manage the data of job applicants. Our full notice outlining how data will be processed as part of the application procedure for applicable locations is available here. By submitting your application, you are agreeing to our use and processing of your data as required. For US applicants only, by submitting your application you are agreeing to arbitration of disputes as outlined here. AI DisclosureFor select roles, Coinbase is piloting an AI tool based on machine learning technologies to conduct initial screening interviews to qualified applicants. The tool simulates realistic interview scenarios and engages in dynamic conversation. A human recruiter will review your interview responses, provided in the form of a voice recording and/or transcript, to assess them against the qualifications and characteristics outlined in the job description. For select roles, Coinbase is also piloting an AI interview intelligence platform to transcribe and summarize interview notes, allowing our interviewers to fully focus on you as the candidate. The above pilots are for testing purposes and Coinbase will not use AI to make decisions impacting employment. To request a reasonable accommodation due to disability, please contact accommodations[at]coinbase.com

Title: Senior Corporate Security Engineer Reports to: Manager of IT Solutions Engineering Location: Remote US Compensation Range: $130,000 to $150,000 base plus bonus and equity What We Do: Huntress is a fully remote, global team of passionate experts and ethical badasses on a mission to break down the barriers to cybersecurity. Whether creating purpose-built security solutions, hunting down hackers, or impacting our community, our people go above and beyond to change the security game and make a real difference. Founded in 2015 by former NSA cyber operators, Huntress protects all businesses—not just the 1%—with enterprise-grade, fully owned, and managed cybersecurity products at the price of an affordable SaaS application. The Huntress difference is our One Team advantage: our technology is designed with our industry-defining Security Operations Center (SOC) in mind and is never separated from our service. We protect 4M+ endpoints and 7M+ identities worldwide, elevating underresourced IT teams with protection that works as hard as they do. As long as hackers keep hacking, Huntress keeps hunting. What You’ll Do: As a Senior Corporate Security Engineer, you will join the IT Solutions Engineering team, working side-by-side with Systems Engineers, Business Systems Analysts, and Automation Engineers. Your mission is to ensure that the technology solutions we build to enable the business are scalable, resilient, and secure by design. You will serve as the security subject-matter expert within this multidisciplinary team. Your goal is not to police others' work, but to embed security best practices directly into our IT operations. You will create defenses for our workstations and identities. You will teach your peers about security basics to encourage a 'security-first' culture. You will also act as a technical escalation point for the internal CIRT. This applies to incidents related to IT-supported systems, including workstations, SaaS, and identity. Responsibilities: - Proactive Security Process Design: Build on and establish new security processes in partnership with the IT Solutions Engineering team. You will lead the shift from reactive measures to proactive defense, identifying potential risks in our workflows and designing scalable, secure-by-default processes that prevent issues before they arise. - Workstation Security Design: Design and verify security configurations for our workstation fleet (Windows and macOS) and mobile devices. Collaborate with IT Systems Engineers to ensure Intune policies are effective without disrupting the user experience or business workflows. - Email Security Defense: Manage and refine our email security systems to protect against phishing, spam, and malware. You will tune policies, manage quarantine flows, and maintain authentication standards (SPF, DKIM, DMARC) to ensure our communications remain secure and reliable. - Identity & Access Defense: Act as the subject matter expert for Entra ID. Design conditional access policies, enforce MFA standards, and ensure "least privilege" access is maintained across our identity infrastructure. - Secure SaaS Implementation: Lead the security review process for new and existing SaaS applications. Partner with Business Systems Analysts to establish baselines for third-party integrations and help the team understand how to configure tools securely by default. - Education & Partnership: Actively mentor and educate all of IT and business system support teams on security best practices. Create documentation and run knowledge-sharing sessions to help your peers spot risks and make secure decisions autonomously. - Incident Escalation (IT Systems): Act as the primary technical escalation point for the internal CIRT regarding IT-managed assets. You will partner with the team to investigate potential compromises on employee workstations, analyze Entra ID sign-in logs, and resolve security incidents on SaaS accounts. - Vulnerability Remediation: Collaborate with Automation and Systems Engineers to prioritize patching utilizing a risk-based approach. You will help the team understand the severity of vulnerabilities and assist in testing remediation paths. What You Bring To The Team: - Education: Bachelor's degree in Computer Science, Information Technology, or relevant security certifications (CISSP, GIAC, etc.), or equivalent practical experience. - Experience: 5+ years of experience in Information Security or IT Engineering with a strong focus on securing a fully remote workforce and system hardening. - Technical Expertise: - Deep expertise in Microsoft Intune for configuration management and security baselines. - Proficiency in Entra ID (Azure AD) security, including Conditional Access, Identity Protection, and OIDC/SAML integrations. - Experience securing SaaS ecosystems (Google Workspace, Slack, Salesforce, etc.). - Remote Fluency & Organization: You thrive in a fully remote environment and recognize that organization is key to success. You believe "it isn't done until it's documented" and produce clear, maintainable guides because you know documentation is the lifeline of asynchronous collaboration. - Collaborative Mindset: You thrive in a cross-functional environment. You know how to work with Automation Engineers and Business Analysts to build solutions that are both secure and efficient. - Communication & Mentorship: A proven ability to explain complex security concepts to technical peers in IT. You enjoy teaching others and enabling teams to be self-sufficient in security matters. - Project Ownership: Experience taking a security project, such as rolling out a new control or hardening a system, from design to full deployment, ensuring all stakeholders are informed and aligned. What We Offer: - 100% remote work environment - since our founding in 2015 - Generous paid time off policy, including vacation, sick time, and paid holidays - 12 weeks of paid parental leave - Highly competitive and comprehensive medical, dental, and vision benefits plans - 401(k) with a 5% contribution regardless of employee contribution - Life and Disability insurance plans - Stock options for all full-time employees - One-time $500 reimbursement for building/upgrading home office - Annual allowance for education and professional development assistance - $75 USD/month digital reimbursement - Access to the BetterUp platform for coaching, personal, and professional growth Huntress is committed to creating a culture of inclusivity where every single member of our team is valued, has a voice, and is empowered to come to work every day just as they are. We do not discriminate based on race, ethnicity, color, ancestry, national origin, religion, sex, sexual orientation, gender identity, disability, veteran status, genetic information, marital status, or any other legally protected status. We do discriminate against hackers who try to exploit businesses of all sizes. Accommodations: If you require reasonable accommodation to complete this application, interview, or pre-employment testing or participate in the employee selection process, please direct your inquiries to accommodations@huntresslabs.com. Please note that non-accommodation requests to this inbox will not receive a response. Huntress uses artificial intelligence tools to assist in reviewing and evaluating job applications, including resume screening, skills assessment, and candidate matching and comparisons. These AI tools support our human recruiters in the initial review process but do not make final hiring decisions without human involvement. By submitting your application, you acknowledge this use of AI in our recruitment process. Please review our Candidate Privacy Notice for more details on our practices and your data privacy rights. #BI-Remote

• Lead the architectural vision and security engineering execution for Coinbase’s Identity and Access Management (IAM) and workforce security platforms across our multi-cloud infrastructure, extensive third-party SaaS ecosystem, and internally developed applications. • Evaluate, design, and implement 'build, buy, or hybrid' strategies for workforce Identity Governance and Administration (IGA), integrating commercial tools with custom middleware and machine learning or AI models to automate complex access lifecycles and maximize ROI. • Write high-quality code to build scalable automation, custom integrations, and self-service guardrails that embed intelligent identity controls directly into CI/CD pipelines, SaaS provisioning workflows, and internal enterprise tooling. • Conduct comprehensive threat modeling and security architecture reviews for foundational identity systems and critical SaaS integrations, utilizing automated threat intelligence and AI-assisted analysis to proactively identify attack vectors and design resilient mitigations. • Partner with Engineering, IT, HR, AI/ML, and Product teams to align security initiatives with business goals, balancing robust zero-trust security with developer velocity and seamless workforce enablement. • Act as the directly responsible individual (DRI) for complex, cross-team security initiatives, mentoring junior and mid-level engineers, and influencing senior leadership on risk tradeoffs and next-generation workforce security strategies.

• Be the hands-on subject matter expert for Audit/Compliance, DDoS, VPNs, network segmentation spanning network infrastructure, hosts and services, and all things related to network security best practices • Provide technical security direction and insight for projects, discovery, and problem management • Operate and improve DDoS detection, mitigation, and response capabilities across scrubbing services, flow-based analysis, and edge traffic engineering • Create network segmentation through various technologies such as routing, virtual networking, Software-Defined Networking(SDN), and host/service level controls • Provide operational security support for multi-vendor, multi-region production network at-scale • Manage Network Security protocols and concepts, access management (AAA), and network ACLs/Firewalls • Identify, test and integrate new network security products, operating systems and feature sets • Manage documentation and frameworks relative to network security practices • Perform vulnerability scanning and create remediation plans • Participate in 24x7 on-call rotation