Staff Security Engineer, InfraSec

## About the Role The Staff Security Engineer, InfraSec role at Coinbase is a critical position that focuses on protecting the foundation of the company's infrastructure and platform services. As a key member of the Infrastructure Security team, you will design, implement, and automate cutting-edge security solutions across complex cloud and containerized environments. This includes working closely with engineering teams to embed security into the design and deployment of platform services, ensuring the highest level of security and scalability.

The role requires a deep understanding of cloud and containerized platform technologies, including AWS, Kubernetes, and Docker. The ideal candidate will have a strong background in infrastructure security, with the ability to partner with cross-functional teams to align security initiatives with business goals. This is an opportunity to work with a talented team of professionals who are passionate about crypto and blockchain technology and are committed to making a significant impact in the industry.

Coinbase's mission is to increase economic freedom in the world, and this role plays a vital part in achieving that goal. The company's culture is intense and fast-paced, with a focus on innovation and collaboration. If you are a motivated and experienced security professional looking for a challenging and rewarding role, this could be the perfect opportunity for you.

## What You Will Do - Design, implement, and maintain security controls across multi-cloud environments, including AWS and GCP.

• Develop secure-by-default patterns for infrastructure-as-code and container orchestration platforms.
• Write code in Go to automate security processes, enforce guardrails, and integrate security solutions.
• Conduct security reviews of cloud architecture, data platforms, and routing configurations to identify vulnerabilities and recommend improvements.
• Partner with engineering teams to embed security into the design and deployment of platform services.
• Collaborate with cross-functional teams to align security initiatives with business goals, balancing security, risk, and enablement.
• Evaluate security needs during mergers and acquisitions and ensure acquired companies are integrated into secure paved road frameworks.
• Influence senior leaders and stakeholders on technical decisions, risk management strategies, and tradeoffs to drive secure and scalable outcomes.
• Drive continuous improvement of security policies, threat detection mechanisms, and incident response automations.

• Proficiency in writing Go for automation and guardrails, and deploying infrastructure with Terraform.
• Expertise across modern cloud and containerized platform technologies, including securing data platforms and cloud edge security.
• Proven ability to partner with engineering, product, and business teams to align security initiatives with broader company goals.
• Strong understanding of security principles, including secure design patterns, threat modeling, and risk management.
• Experience with security compliance frameworks, such as PCI-DSS, HIPAA, and SOC 2.
• Excellent communication and collaboration skills, with the ability to work effectively with technical and non-technical stakeholders.
• Passion for crypto and blockchain technology and a commitment to making a significant impact in the industry.

• Knowledge of cloud security architectures, including cloud security gateways, cloud access security brokers, and cloud workload protection platforms.
• Familiarity with agile development methodologies and version control systems, such as Git.
• Experience with infrastructure-as-code tools, such as Terraform or CloudFormation.

• Comprehensive health, dental, and vision insurance.
• Flexible working hours and remote work options.
• Generous paid time off and holiday policy.
• Access to professional development and training opportunities.
• Collaborative and dynamic work environment with a team of experienced professionals.
• Opportunity to work on cutting-edge projects and contribute to the growth and development of the company.

- To stand out in the application process, highlight your experience with cloud and containerized platform technologies, such as AWS and Kubernetes.

• Showcase your ability to partner with cross-functional teams to align security initiatives with business goals.
• Be prepared to provide examples of your experience with security compliance frameworks, such as PCI-DSS, HIPAA, and SOC 2.
• When discussing your technical skills, focus on your proficiency in writing Go for automation and guardrails, and deploying infrastructure with Terraform.
• Research the company's mission and values, and be prepared to discuss how your skills and experience align with them.
• Highlight your passion for crypto and blockchain technology and your commitment to making a significant impact in the industry.
• Be prepared to provide examples of your experience with security information and event management (SIEM) systems and security orchestration, automation, and response (SOAR) solutions.