Job Closed
This listing is no longer active.
We're building an open financial system for the world.
Staff Security Engineer, IAM
Location: United States
Posted: 73 days ago
Salary: $218.0K - $256.5K / year
Seniority: Lead
Job Description
Coinbase
- Lead the architectural vision and security engineering execution for Coinbase’s Identity and Access Management (IAM) and workforce security platforms across our multi-cloud infrastructure, extensive third-party SaaS ecosystem, and internally developed applications.
- Evaluate, design, and implement 'build, buy, or hybrid' strategies for workforce Identity Governance and Administration (IGA), integrating commercial tools with custom middleware and machine learning or AI models to automate complex access lifecycles and maximize ROI.
- Write high-quality code to build scalable automation, custom integrations, and self-service guardrails that embed intelligent identity controls directly into CI/CD pipelines, SaaS provisioning workflows, and internal enterprise tooling.
- Conduct comprehensive threat modeling and security architecture reviews for foundational identity systems and critical SaaS integrations, utilizing automated threat intelligence and AI-assisted analysis to proactively identify attack vectors and design resilient mitigations.
- Partner with Engineering, IT, HR, AI/ML, and Product teams to align security initiatives with business goals, balancing robust zero-trust security with developer velocity and seamless workforce enablement.
- Act as the directly responsible individual (DRI) for complex, cross-team security initiatives, mentoring junior and mid-level engineers, and influencing senior leadership on risk tradeoffs and next-generation workforce security strategies.
Job Requirements
- 7+ years of proven experience in software engineering, security engineering, or systems architecture, with a deep, Staff-level focus on Identity and Access Management and enterprise workforce security.
- Must be proficient in at least one programming language (e.g., Python, Go) and be able to effectively leverage AI-assisted development tools to build security tooling, automate workflows, and accelerate code review.
- Demonstrated track record of successfully implementing complex hybrid IAM infrastructures, integrating a massive footprint of third-party SaaS applications alongside internally developed microservices.
- Deep operational and architectural understanding of Identity Governance and Administration (IGA) processes, including automated provisioning/deprovisioning (JML workflows), continuous access reviews, and privileged access management (PAM) across a diverse enterprise fleet.
- Extensive expertise in modern identity protocols (SAML, OAuth2, OIDC, SCIM), cloud IAM (AWS and GCP), and dynamic access control frameworks (RBAC, ABAC, ReBAC) that adapt based on behavioral context and AI-driven risk scoring.
- Strong background in applied risk management, automated threat modeling, and zero-trust architecture principles applied to high-growth distributed systems and globally distributed workforces.
- An execution-focused mindset with the ability to navigate ambiguity, drive alignment without direct authority, and communicate highly technical risk concepts to business stakeholders.
- Experience driving security and engineering outcomes across decentralized or federated organizational structures, where the ability to build consensus, influence without direct authority, and coordinate delivery across multiple contributing teams is essential to success.
Benefits
- medical
- dental
- vision
- 401(k)