Insider Threat Analyst

CoinbaseCoinbase·Remote(Remote - USA)
Data & Analytics

WFA Digital Insight

The demand for cybersecurity specialists grew significantly in recent years, with a particular focus on insider threats. As companies like Coinbase handle vast amounts of digital assets, the need for skilled professionals to protect against internal risks has never been more pressing. With the remote job market expanding, candidates with experience in security operations, investigations, and threat analysis are in high demand. Coinbase stands out for its commitment to economic freedom and its remote-first approach, making this role an exciting opportunity for those looking to work in a dynamic, global environment. Before applying, candidates should be aware of the importance of translating complex security issues into actionable insights and the need for collaboration with cross-functional teams.

Job Description

About the Role

The Insider Threat Analyst role at Coinbase is a critical position within the company's Security Operations organization. This team is responsible for protecting the trust of millions of customers and billions of dollars in digital assets by detecting, investigating, and mitigating threats from inside the organization. The successful candidate will be at the forefront of insider threat detection, working closely with Security, Legal, HR, and business teams to safeguard Coinbase as it continues to scale globally.

As a remote-first company, Coinbase offers the flexibility to work from anywhere in the USA, with quarterly in-person working sessions, known as "surges," which are designed to foster collaboration and innovation among teams. The company's intense and dynamic environment is perfect for those who thrive under challenge and are committed to delivering high-quality results.

The role of an Insider Threat Analyst is multifaceted, requiring a deep understanding of security operations, threat analysis, and investigative techniques. The ideal candidate will have experience in conducting investigations, analyzing data, and communicating complex findings to both technical and non-technical stakeholders.

What You Will Do

  • Execute alert triage, correlation, and analysis across insider threat detection systems, prioritizing findings and escalating recommendations for investigation and mitigation.
  • Support investigations from initial triage and evidence collection through to employee interviews and stakeholder coordination, delivering clear documentation of findings, risk assessment, and recommended next steps.
  • Partner with Security, Legal, HR, and business teams to design and execute processes that identify and mitigate insider risks, including abuse and misuse across company systems.
  • Build case documentation and investigative reports that translate complex technical findings into concise, decision-ready briefs and assessments for leadership and cross-functional stakeholders.
  • Drive improvements to insider threat detection by identifying recurring control gaps, refining alerting logic, and recommending scalable solutions that reduce insider risk across the organization.
  • Collaborate with the Security team to enhance the overall security posture of Coinbase, ensuring the protection of customer assets and data.
  • Develop and maintain a thorough understanding of the insider threat landscape, including legal, regulatory, and ethical considerations of handling sensitive information.
  • Utilize generative AI responsibly to enhance workflow efficiency, cost, and quality, while maintaining human oversight to ensure business-ready outputs.
  • Stay up-to-date with the latest trends and technologies in insider threat detection, continuously looking for ways to improve Coinbase's security infrastructure.

What We Are Looking For

  • 3+ years of experience in insider threat, security operations, investigations, fraud detection, or a closely related discipline.
  • Hands-on experience with insider threat technologies (SIEM, UBA, DLP, endpoint detection) and log analysis.
  • Demonstrated experience conducting or supporting investigations involving sensitive employee matters, including evidence collection, interviewing techniques, and stakeholder coordination.
  • Proven ability to translate complex security problems into clear, actionable recommendations, including composing investigative briefs and assessments consumed by leadership.
  • Working knowledge of the insider threat landscape, including legal, regulatory, and ethical considerations of handling sensitive information.
  • Experience with customer service tools or financial analysis.
  • Ability to work in a fast-paced environment, prioritizing tasks effectively and managing multiple investigations simultaneously.
  • Strong analytical and problem-solving skills, with the ability to analyze complex data sets and identify key trends and patterns.

Nice to Have

  • CISSP or other security credentials.
  • Experience in analyzing data and identifying disparities and trends.
  • Knowledge in one or more of the following areas: incident response, data protection, risk management, counterintelligence, investigations, fraud detection, financial crimes investigation, intellectual property theft, access and identity management.

Benefits and Perks

  • Competitive salary and equity package.
  • Comprehensive health, dental, and vision insurance.
  • Flexible PTO and remote work options.
  • Access to professional development opportunities and continuous learning resources.
  • Quarterly in-person working sessions ("surges") for team collaboration and innovation.
  • A dynamic, global work environment with a team of highly motivated professionals.
  • The opportunity to work on cutting-edge projects that impact the future of finance and economic freedom.

How to Stand Out

  • Tip: Highlight your experience with insider threat detection systems and log analysis in your resume and cover letter.
  • Be prepared to discuss specific examples of investigations you've conducted and how you've mitigated insider threats in previous roles.
  • Showcase your ability to communicate complex technical information to non-technical stakeholders, as this is a critical skill for the Insider Threat Analyst position.
  • Familiarize yourself with Coinbase's products and services, as well as the company's approach to security and risk management.
  • Consider obtaining security certifications like CISSP to demonstrate your expertise and commitment to the field.
  • When preparing for the interview, practice explaining how you stay current with the latest trends and technologies in insider threat detection and how you apply that knowledge in your work.

This is a remote position listed on WFA Digital, the platform for professionals who work from anywhere. Browse more remote jobs across all categories.