Senior Engineer, Blockchain Security - Asset Review

  • Coinbase, Inc
  • Remote - USA
  • Apr 19, 2022
Full time Blockchain Engineering Remote

Job Description

We’re Coinbase. We’re the world’s most trusted way to join the crypto revolution, serving more than 89 million accounts in more than 100 countries. 

Our mission is to increase economic freedom around the world, and we couldn’t do this without hiring the best people. We’re a group of hard-working overachievers who are deeply focused on building the future of finance and Web 3.0 for our users across the globe, whether they’re trading, storing, staking or using crypto. Know those people who always lead the group project? That’s us.

There are a few things we look for across all hires we make at Coinbase, regardless of role or team. First, we look for candidates who will thrive in a culture like ours, where we default to trust, embrace feedback, and disrupt ourselves. Second, we expect all employees to commit to our mission-focused approach to our work. Finally, we seek people who are excited to learn about and live crypto, because those are the folks who enjoy the intense moments in our sprint and recharge work culture. We’re a remote-first company looking to hire the absolute best talent all over the world.

Ready to #LiveCrypto? Who you are:

  • You’ve got positive energy. You’re optimistic about the future and determined to get there. 
  • You’re never tired of learning. You want to be a pro in bleeding edge tech like DeFi, NFTs, DAOs, and Web 3.0. 
  • You appreciate direct communication. You’re both an active communicator and an eager listener - because let’s face it, you can’t have one without the other. You’re cool with candid feedback and see every setback as an opportunity to grow.
  • You can pivot on the fly. Crypto is constantly evolving, so our priorities do, too. What you worked on last month may not be what you work on today, and that excites you. You’re not looking for a boring job.
  • You have a “can do” attitude. Our teams create high-quality work on quick timelines. Owning a problem doesn’t scare you, but rather empowers you to take 100% responsibility for achieving our mission.
  • You want to be part of a winning team. We’re stronger together, and you’re a person who embraces being pushed out of your comfort zone.

Coinbase stores more digital currency than any company in the world, making us a tier 1 target on the internet. As an Asset Review Senior Analyst, you will join a premier team with one overarching goal: to contribute to the “Amazon of Assets” vision of coinbase. The Amazon of Assets vision is to ensure the security of all types of Web3.0 assets, protocols, and applications.

Aside from the addition of tokens, this team also is targeting security analysis of emerging L2 Networks, bridges, and DeFi protocols. Protocol refers to distributed ledgers, most often blockchains or similar data structures, achieving consensus despite adversarial behavior. This means that the Blockchain Security team is on the front line of knowledge and expertise about how these technologies work, and how they break: we are as “far down the crypto stack” as you can get.

L2 Networks refers to networks which are layed on top of existing Blockchains or Tokens. These networks are an emerging technology that introduce new complexities and risk for custodibility of digital assets. Additionally, as the Crypto world continues to become more interconnected, the bridging of tokens across networks become more common. This role will be on the forefront of defining Coinbase’s risk and security frameworks and helping to define tooling and automation for these emerging industry trends.  

What you’ll be doing (i.e. job duties):

  • Perform security assessments, framework development, and threat modeling of assets, including various blockchain protocols, smart contracts, and other distributed ledger tech.
  • Partner with software engineering teams to advise on code and architecture for internal smart contract development
  • Partner with internal tooling teams to drive the roadmap and vision for internal Coinbase Blockchain Security Tools
  • Identify automation opportunities in our tooling and processes, deliver a Proof of Concept, and write detail technical requirements
  • Work with cross-functional teams to align on risk scorings and mitigations for asset reviews and help define priority for development work
  • Oversee generating KPI metrics for asset review pipeline and team performance
  • Investigate impactful changes to the space, asset upgrades, and novel innovations such as zero-knowledge proofs and bleeding-edge blockchain protocols.
  • Publish blogs and give talks (internal and external) on newfound vulnerabilities, incident investigations, unique integration risks, and related topics.

What we look for in you (i.e. job requirements):

  • Passion for learning about and working with digital currencies
  • 4+ years of CyberSecurity experience, 2+ years of SmartContract/Crypto Experience
  • Security mentor who can build processes and educate internal members
  • Passionate about solving complex security problems
  • Comfortable with ambiguity and failure, having ownership of one’s own domain, and pride in high quality work
  • Broad knowledge of security technologies, processes and techniques
  • Demonstration of our core values: clear communication, positive energy, continuous learning, and efficient execution

Nice to haves:

  • Bachelor’s/Master’s Degree in Computer Science, CyberSecurity, or related field
  • Expertise in Solidity (or other Smart Contract Language such as Rust)
  • Previous experience in a Security or Tech Lead role in appsec, devsecops, or software development
  • Past experience securing digital assets
  • Experience working on a remote first team
  • Knowledge of api security, cloud architecture and platform security principles 
  • Previous work in a high security and/or highly regulated industry

Sound cool? Let's work together.

Notice for Colorado applicants as required by sb19-085 (8-5-20). Target annual salary for this role performed in Colorado, is $175,100 + target bonus + target equity + benefits (including medical, dental, vision and 401(k)). 

ID: G2253

Please note that for employees based in the US, Philippines, Canada or Singapore, if your role requires you to be present in a Coinbase office or if you choose to be physically present in a Coinbase office or sponsored location, you will be required to be fully vaccinated from COVID-19 (as defined by applicable law).  If you receive an offer, you will receive additional information about the grounds and process for an exemption.

Commitment to Equal Opportunity

Coinbase is committed to diversity in its workforce and is proud to be an Equal Opportunity Employer.  All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, sex, gender expression or identity, sexual orientation or any other basis protected by applicable law. Coinbase will also consider for employment qualified applicants with criminal histories in a manner consistent with applicable federal, state and local law.  For US applicants, you may view Pay Transparency, Employee Rights and Equal Employment Opportunity is the Law notices by clicking on their corresponding links.  Additionally, Coinbase participates in the E-Verify program in certain locations, as required by law.    

Coinbase is also committed to providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please send an e-mail to accommodations[at]coinbase.com and let us know the nature of your request and your contact information.  For quick access to screen reading technology compatible with this site click here to download a free compatible screen reader (free step by step tutorial can be found here).

Global Data Privacy Notice for Job Candidates and Applicants

Depending on your location, the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) may regulate the way we manage the data of job applicants. Our full notice outlining how data will be processed as part of the application procedure for applicable locations is available here. By submitting your application, you are agreeing to our use and processing of your data as required.