Senior Analyst, Tech Risk and Controls

coinbaseRemotegreenhouse
Posted Date:

September 25, 2025

Employment Type:

Not specified

Work Arrangement:

Remote

Skills & Technologies

Security & Privacypreferred

Contact Information

Job Description

Ready to be pushed beyond what you think you’re capable of?

At Coinbase, our mission is to increase economic freedom in the world. It’s a massive, ambitious opportunity that demands the best of us, every day, as we build the emerging onchain platform — and with it, the future global financial system.

To achieve our mission, we’re seeking a very specific candidate. We want someone who is passionate about our mission and who believes in the power of crypto and blockchain technology to update the financial system. We want someone who is eager to leave their mark on the world, who relishes the pressure and privilege of working with high caliber colleagues, and who actively seeks feedback to keep leveling up. We want someone who will run towards, not away from, solving the company’s hardest problems.

Our work culture is intense and isn’t for everyone. But if you want to build the future alongside others who excel in their disciplines and expect the same from you, there’s no better place to be.

While many roles at Coinbase are remote-first, we are not remote-only. In-person participation is required throughout the year. Team and company-wide offsites are held multiple times annually to foster collaboration, connection, and alignment. Attendance is expected and fully supported.

Coinbase is looking for a creative and analytical Senior Analyst of Technology Risk & Controls. You will serve as a member of the Coinbase Technology Risk & Controls team and support the implementation and maturity of our technology and security controls lifecycle program. This role is crucial in maturing our continuous controls monitoring program, ensuring the effectiveness and efficiency of our technology and security controls. The ideal candidate will possess a strong background in controls, coupled with robust technical skills in data analysis and a preference for low-code/no-code platform automation.

What you’ll be doing (ie. job duties):

    • Continuous Controls Monitoring (CCM) Program Maturity: Lead initiatives to enhance and mature our CCM program, including identifying new opportunities for automation, improving data quality, and expanding monitoring coverage.
    • Data Analysis and Reporting: Utilize data analysis tools and techniques to monitor control effectiveness, identify anomalies, and generate actionable insights and reports for stakeholders.
    • Automation Development: Develop and implement automated solutions using low-code/no-code platforms to streamline control testing, monitoring, and reporting processes.
    • Documentation and Training: Develop and maintain comprehensive documentation for controls and processes, and provide training to internal teams on control best practices and monitoring procedures.
    • Maintain an industry pulse: Maintain awareness of international regulation, emerging threats, forecasts, policies, and benchmarks

What we look for in you (ie. job requirements):

    • 6+ years of experience working in a 1 or 2 LoD controls management function and/or Governance, Risk, and Compliance organization.
    • Technical Data Analysis Skills: Proficiency in data analysis tools (e.g., SQL, Python, R, Excel, Looker, Snowflake) and techniques for extracting, transforming, and analyzing large datasets
    • Comfortable working with project management tooling (e.g. Jira, Archer) and quant and qualitative data analytics tooling.
    • Control domain knowledge: Ability to dig into our technology and security stack to understand our controls and in turn articulate and propose candidates for automation
    • Clear/concise communicator and writer; experience drafting/operationalizing project plans across stakeholders, holding teams accountable, and documenting deliverables to varying levels of junior and senior stakeholder audiences. Ability to translate controls/risk standards out of compliance speak and into functional requirements and across varying levels of technical stakeholders.
    • Navigating ambiguity and complexity: Ability to manage a queue against strategic priorities and shows expertise in being able to handle multiple assessments at a time. You are comfortable operating on an unpaved road and dealing with ambiguity.
  • Control domain knowledge and best practices: Familiarity with standards and frameworks e.g. ISO 27001/5, NIST CSF, COBIT, ITIL, DORA, and risk quantification methodologies to measure controls/risk