A new platform for working with data
Security GRC Manager
Location
California | New York
Posted
41 days ago
Salary
$221K - $295K / year
Seniority
Senior
Job Description
Security GRC Manager
Hex
- Own and mature Hex’s security and privacy compliance program across SOC 2, ISO 27001, ISO 27701, HIPAA, GDPR, CCPA, PCI DSS, and other frameworks relevant to our business.
- Ensure continuous audit readiness: maintain controls, gather evidence, manage auditors, and implement improvements.
- Track regulatory and industry changes, advising Hex leadership on impact and recommended responses.
- Maintain and develop core security policies, standards, and procedures, tailoring them to Hex’s real operating environment.
- Own Hex’s risk management lifecycle: identify, assess, track, and drive mitigation of security, privacy, operational, and regulatory risks.
- Build lightweight but effective governance processes, ensuring clear ownership, documentation, and accountability.
- Serve as the primary owner of customer and prospect security questionnaires, risk assessments, and contractual security provisions.
- Manage and improve Hex’s Trust Center / trust portal, ensuring accurate and compelling communication of Hex’s security posture.
- Lead internal and external audits from planning through remediation.
- Own Hex’s third-party risk management program, including vendor assessments, reviews, and ongoing monitoring.
- Define and run security awareness training tailored to Hex’s environment.
Job Requirements
- 5–8+ years in GRC, compliance, security engineering, privacy, audit, or a related field
- Deep familiarity with frameworks such as SOC 2, ISO 27001, ISO 27701, PCI DSS, HIPAA, GDPR, and associated security controls
- Experience running or contributing significantly to audit cycles and certification processes
- Technical literacy in cloud-native environments (AWS preferred), SaaS architectures, and modern security tooling
- Ability to understand and explain product architecture, data flows, and control implementations to auditors and customers
Benefits
- Competitive total rewards package
- Comprehensive health benefits
- Flexible paid time off
More Security Engineer Jobs
Lead Cloud Security Architect, WIAM
Humana
Louisville, Kentucky-based Humana is a leading healthcare company that offers a variety of health, wellness, and insurance products and services designed to offer an integrated app
- Architect and implement PBAC and RBAC solutions, including policy models, roles, decision engines, enforcement points, and policy-as-code frameworks.
- Design and operationalize fine-grained authorization for applications, services, APIs, and data platforms, enabling contextual and attribute-based access decisions.
- Develop an identity security framework for AI, defining identity controls, access constraints, and governance models for AI agents, models, datasets, and prompt flows.
- Integrate PBAC with workload identity, service-to-service authentication, and distributed access decisioning within modern cloud and microservice environments.
- Partner with application and platform teams to embed authorization-by-design into solution architecture, code, and deployment pipelines.
- Evaluate and implement fine-grained authorization policies and custom RBAC roles, defining their integration points and governance processes.
- Develop automated tooling for policy validation, simulation, testing, and versioning to ensure consistent enforcement and safe policy deployment.
- Ensure authorization architecture aligns with risk, compliance, and regulatory requirements while supporting performance, reliability, and developer usability.
- Stay current on emerging trends in authorization engineering, zero trust, AI access governance, and modern identity security paradigms.
Senior Security Engineer, IAM
Coinbase
A digital currency exchange, Coinbase is used by consumers, merchants, and traders to buy and sell cryptocurrencies, such as Bitcoin, Ethereum, and Litecoin. Founded in 2012 "to cr

Ready to be pushed beyond what you think you’re capable of? At Coinbase, our mission is to increase economic freedom in the world. It’s a massive, ambitious opportunity that demands the best of us, every day, as we build the emerging onchain platform — and with it, the future global financial system.

To achieve our mission, we’re seeking a very specific candidate. We want someone who is passionate about our mission and who believes in the power of crypto and blockchain technology to update the financial system. We want someone who is eager to leave their mark on the world, who relishes the pressure and privilege of working with high caliber colleagues, and who actively seeks feedback to keep leveling up. We want someone who will run towards, not away from, solving the company’s hardest problems.

Our work culture is intense and isn’t for everyone. But if you want to build the future alongside others who excel in their disciplines and expect the same from you, there’s no better place to be.

While many roles at Coinbase are remote-first, we are not remote-only. In-person participation is required throughout the year. Team and company-wide offsites are held multiple times annually to foster collaboration, connection, and alignment. Attendance is expected and fully supported.

The AppSec team is looking for a Senior Security Engineer to revolutionize how we scale Identity and Access Management (IAM) reviews. In this role, you will have the autonomy to treat security as an engineering problem and stay at the forefront of applying AI to cybersecurity. Your mission is to move our organization away from manual processes toward a proactive, automated security posture. By building the foundations of a next-generation IAM review system, you will design and deploy frameworks that enforce least-privilege at scale and leverage AI to identify risks that human oversight might miss.

What you’ll be doing (i.e. job duties):
- Design, develop, and maintain internal tools and services (primarily in Go) to automate the IAM lifecycle and security review processes.
- Build "Guardrails-as-Code" to detect and remediate overly permissive roles or misconfigurations across a diverse set of in-house developed and SaaS applications.
- Prototype and implement AI-driven solutions (such as LLM-based analysis or anomaly detection) to categorize access patterns and provide intelligent recommendations for rightsizing permissions.
- Create developer-centric tools that allow engineering teams to manage their own access securely, reducing friction while maintaining strict security standards.
- Serve as the subject matter expert for complex IAM architecture decisions, ensuring that automation logic aligns with industry frameworks (like Zero Trust and NIST).

What we look for in you (i.e. job requirements):
- Demonstrated ability to responsibly use generative AI tools and copilots (e.g., LibreChat, Gemini, Glean) in daily workflows, continuously learn as tools evolve, and apply human-in-the-loop practices to deliver business-ready outputs and drive measurable improvements in efficiency, cost, and quality.
- Bachelor’s or Master’s in Computer Science, Computer Engineering, Cybersecurity, or a related field.
- Deep understanding of IAM primitives (Service Accounts, OIDC, SAML, RBAC vs. ABAC).
- Strong proficiency in Python, Go, or Node.js. Experience with Git, CI/CD pipelines, and writing clean, maintainable code.
- Experience in leveraging LLMs to enable self-serve and autonomous capabilities.
- Familiarity with microservices architecture.

Nice to haves:
- Demonstrated experience managing workforce access, logging, and auditing in a fast-paced hyper-growth environment (FinTech or crypto preferred), with a strong understanding of navigating strict regulatory landscapes, such as SOX compliance.
- Experience with data engineering basics (SQL, Snowflake, or Databricks) to analyze large-scale access logs.
- Background in Application Security.

Job #: P76231
#LI-Remote

Pay Transparency Notice: The target annual base salary for this position can range as detailed below. Total compensation may also include equity and bonus eligibility and benefits (including medical, dental, and vision).
Annual base salary range (excluding equity and bonus): $191,100—$191,100 CAD

Please be advised that each candidate may submit a maximum of four applications within any 30-day period. We encourage you to carefully evaluate how your skills and interests align with Coinbase's roles before applying.

Commitment to Equal Opportunity
Coinbase is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, sex, gender expression or identity, sexual orientation or any other basis protected by applicable law. Coinbase will also consider for employment qualified applicants with criminal histories in a manner consistent with applicable federal, state and local law. For US applicants, you may view the Employee Rights and the Know Your Rights notices by clicking on their corresponding links. Additionally, Coinbase participates in the E-Verify program in certain locations, as required by law. Coinbase is also committed to providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please contact us at accommodations[at]coinbase.com to let us know the nature of your request and your contact information. For quick access to screen reading technology compatible with this site click here to download a free compatible screen reader (free step by step tutorial can be found here).

Global Data Privacy Notice for Job Candidates and Applicants
Depending on your location, the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) may regulate the way we manage the data of job applicants. Our full notice outlining how data will be processed as part of the application procedure for applicable locations is available here. By submitting your application, you are agreeing to our use and processing of your data as required. For US applicants only, by submitting your application you are agreeing to arbitration of disputes as outlined here.

AI Disclosure
For select roles, Coinbase is piloting an AI tool based on machine learning technologies to conduct initial screening interviews to qualified applicants. The tool simulates realistic interview scenarios and engages in dynamic conversation. A human recruiter will review your interview responses, provided in the form of a voice recording and/or transcript, to assess them against the qualifications and characteristics outlined in the job description. For select roles, Coinbase is also piloting an AI interview intelligence platform to transcribe and summarize interview notes, allowing our interviewers to fully focus on you as the candidate. The above pilots are for testing purposes and Coinbase will not use AI to make decisions impacting employment.

To request a reasonable accommodation due to disability, please contact accommodations[at]coinbase.com
SAP Security Consultant
DyFlex Solutions
Your SAP Gold Partner for S/4HANA, Business ByDesign, Ariba and Analytics solutions.
- Provide hands-on SAP Security support across ECC, S/4HANA and SAP Public Cloud environments
- Design, build and maintain SAP roles and authorisations using PFCG
- Maintain and troubleshoot SU24 and SU25 data and resolve authorisation issues
- Support Fiori security configuration including catalogue and group assignments
- Support BAU/AMS activities including user provisioning, access requests and incident resolution
- Implement and support SAP GRC Access Control including access risk analysis and remediation
- Collaborate with functional and technical teams to align security design with business processes
- Assist with security activities for project work including enhancements, upgrades and new implementations
- Support audit, compliance and segregation of duties requirements
- Create and maintain clear technical and process documentation for customers and internal use

- Ensuring customer success by understanding requirements and helping them build a long-term strategy based on best practices
- Collaborating with cross-functional teams to evaluate customer architecture, address technical challenges and maximize benefits from using Akamai solutions
- Participating in training and projects contributing to best practices, maximizing efficiency, and improving methodology and service quality
- Demonstrating Akamai's value, ensuring customer engagement and communicating effectively with both technical and business audiences




