Privacy Analyst

About the Role

The ideal candidate will thrive in a fast-paced environment and be able to drive cross-functional coordination during time-sensitive events. They will also be responsible for maintaining on-call readiness to support privacy incident triage, severity classification, and urgent escalations. With the increasing demand for data privacy specialists, this role offers a unique opportunity to make a significant impact in the industry.

Coinbase is a remote-first company, but not remote-only, and the successful candidate will be expected to participate in quarterly in-person working sessions. This role is perfect for someone who is passionate about data privacy and is looking for a challenging and rewarding career opportunity.

What You Will Do

• Own the end-to-end Privacy Incident Management program, including notification workflows, escalation paths, process documentation, responder enablement, and automation opportunities.
• Lead privacy incident response as the DRI and Incident Commander, coordinating across Privacy, Privacy Legal, CSIRT, Product, Engineering, and Communications to drive analysis, remediation, and follow-through.
• Maintain on-call readiness to support privacy incident triage, severity classification, and urgent escalations, ensuring incidents are correctly assessed and routed.
• Drive privacy incident retrospectives, track resulting remediation items and control gaps, and deliver incident metrics and reporting covering trends, remediation status, and process health.
• Build and maintain strong cross-functional and cross-geography stakeholder relationships to improve readiness, response quality, and business accountability.
• Support broader Privacy initiatives during lower-volume periods, including cross-functional efforts, tooling development, and automation projects.
• Collaborate with the Security team to identify and mitigate potential security threats to data privacy.
• Develop and maintain incident response plans and procedures to ensure compliance with regulatory requirements.
• Conduct regular audits to ensure compliance with data privacy regulations and frameworks.

What We Are Looking For

• 3+ years of experience in privacy, security, incident response, technology risk, or a related operational risk function, including direct experience leading or supporting incident, issue, or risk workflows requiring structured analysis, documentation, and cross-functional coordination.
• Strong incident management skills with experience communicating privacy risk and incident findings to both technical and non-technical audiences, including producing written incident analyses, retrospective documentation, and executive-level summaries.
• Proven track record of leading technical investigations within cloud-native architectures, with hands-on proficiency in SQL, Python, and data analysis tools (e.g., Postgres, MongoDB, Airflow, Looker, Snowflake).
• Demonstrated experience building automation to reduce manual operational tasks and improve incident response efficiency.
• Working knowledge of privacy regulations and frameworks (e.g., GDPR, CCPA, PIPEDA, ePrivacy, DPIAs/PIAs, ROPA, data subject rights) data subject rights, privacy controls, and privacy issue management.
• Utilizes and builds generative AI responsibly, maintaining human oversight to deliver business-ready outputs and drive measurable improvements in workflow efficiency, cost, and quality.
• Experience with incident response tools and technologies, such as incident management software and threat intelligence platforms.
• Strong analytical and problem-solving skills, with the ability to think critically and creatively.

Nice to Have

• Experience working in a remote-first environment and participating in in-person working sessions.
• Knowledge of cloud-based data storage and analytics platforms, such as AWS or Google Cloud.
• Familiarity with agile development methodologies and version control systems, such as Git.
• Experience with data visualization tools, such as Tableau or Power BI.
• Certification in data privacy or a related field, such as CIPP or CIPM.

Benefits and Perks

• Competitive salary and benefits package, including health, dental, and vision insurance.
• Generous paid time off and holiday policy, including flexible work arrangements.
• Opportunities for professional growth and development, including training and education programs.
• Access to cutting-edge technologies and tools, including data analytics and incident response software.
• Collaborative and dynamic work environment, with a team of experienced professionals.
• Flexible remote work arrangements, including the option to work from home or in a shared office space.
• Quarterly in-person working sessions, including team-building activities and social events.
• Access to a comprehensive wellness program, including mental health support and fitness classes.

• Tip: Develop a strong understanding of data privacy regulations and frameworks, including GDPR and CCPA, to increase your chances of success in this role.
• Make sure to highlight your experience with incident response tools and technologies, such as incident management software and threat intelligence platforms, in your application.
• Consider obtaining a certification in data privacy, such as CIPP or CIPM, to demonstrate your expertise and commitment to the field.
• Be prepared to provide examples of your experience with cross-functional coordination and communication, including incident response and remediation.
• Show your ability to think critically and creatively, and demonstrate your analytical and problem-solving skills.
• Be prepared to discuss your experience with automation and workflow efficiency, including your ability to build and maintain automation tools and processes.
• Tip: Research Coinbase's company culture and values, and be prepared to discuss how you align with them and how you can contribute to the team's success.