Senior Threat Researcher, Security in Portland, OR

$80K - $100K(Ladders Estimates)

Coinbase   •  

Portland, OR 97201

Industry: Finance & Insurance


Not Specified years

Posted 46 days ago

Coinbase has built the world's leading compliant cryptocurrency platform serving over 30 million accounts in more than 100 countries. With multiple successful products, and our vocal advocacy for blockchain technology, we have played a major part in mainstream awareness and adoption of cryptocurrency. We are proud to offer an entire suite of products that are helping build the crypto economy, and increase economic freedom around the world.

There are a few things we look for across all hires we make at Coinbase, regardless of role or team. First, we assess whether a candidate demonstrates our values: Clear Communication, Positive Energy, Efficient Execution, and Continuous Learning. Second, we look for signals that a candidate will thrive in a culture like ours, where we default to trust, embrace feedback, disrupt ourselves, and expect sustained high performance because we play as a championship team. Finally, we seek people with the desire and capacity to build and share expertise in the frontier technologies of crypto and blockchain, in whatever way is most relevant to their role.

Security Operations Team (Threat Intelligence)

Security is a primary competency at Coinbase, and the Security Operations team keeps a watchful eye over every aspect of it. Every day, we go to battle against some of the most sophisticated attackers in the world to protect billions of dollars worth of digital assets and ensure that our customers and employees can enjoy a safe, trusted experience. As Coinbase scales globally, our team is scaling along with it, using a blend of tooling, automation, and strategic team growth to ensure that we're well-equipped to protect the next billion users of crypto.

What you'll be doing:

The Security Operations group is a multi-functional organization that includes our CSIRT, Trust & Safety, and Threat Intelligence. While no two days will end up looking the same, generally-speaking you'll be responsible for the following things:

  • Tracking APTs and other threat actors targeting the crypto community and broader financial industry, and providing actionable intelligence to our CSIRT and security partners.
  • Researching emerging attack trends, and uncovering attacker infrastructures and tools.
  • Monitoring and analyzing in-the-wild exploits and attacks against other crypto exchanges, determining attribution to a particular threat group, and working with our CSIRT to develop detections accordingly.
  • Sharing your most interesting findings via the Coinbase blog, internal and external presentations, and threat reports.

What we look for in you:

Some security teams have strict requirements about certifications, degrees, years of experience, and things like that. Not us! We're more interested in the unique perspectives and expertise you'll bring to the team, rather than the acronyms on your resume. However, you'll be much more likely to be successful in this role if these bullet points seem like a good description of you:

  • You've been doing novel security and threat research for a long time, and you've got a strong track record for your talks being accepted at places like DEFCON and Blackhat.
  • You regularly map attacks back to specific adversaries based on TTPs, and use OSINT and threat intelligence sources to understand APT-level adversaries and their capabilities. You effectively communicate this knowledge to the team and to the rest of the security research community.
  • You've built strong professional networks and periodically present your work through blogging, conferences, and occasionally through media publications.
  • You use large-scale datasets and sophisticated queries and analysis as a regular part of your work, and can get access to unique datasets that aren't widely available.
  • You're comfortable working with ISACs and other threat-sharing groups.

Nice to haves:

  • You would bring a diverse perspective to the team: for example, maybe you took an unconventional route to get into your current security career.
  • You've got a passing familiarity with blockchains and cryptocurrency, or at least a good story about how you thought about investing in Bitcoin in 2014 but decided not to.

Valid Through: 2019-10-29