Senior Analyst, Tech Risk

coinbaseRemotegreenhouse
Posted Date:

September 25, 2025

Employment Type:

Not specified

Work Arrangement:

Remote

Skills & Technologies

Security & Privacypreferred

Contact Information

Job Description

Ready to be pushed beyond what you think you’re capable of?

At Coinbase, our mission is to increase economic freedom in the world. It’s a massive, ambitious opportunity that demands the best of us, every day, as we build the emerging onchain platform — and with it, the future global financial system.

To achieve our mission, we’re seeking a very specific candidate. We want someone who is passionate about our mission and who believes in the power of crypto and blockchain technology to update the financial system. We want someone who is eager to leave their mark on the world, who relishes the pressure and privilege of working with high caliber colleagues, and who actively seeks feedback to keep leveling up. We want someone who will run towards, not away from, solving the company’s hardest problems.

Our work culture is intense and isn’t for everyone. But if you want to build the future alongside others who excel in their disciplines and expect the same from you, there’s no better place to be.

While many roles at Coinbase are remote-first, we are not remote-only. In-person participation is required throughout the year. Team and company-wide offsites are held multiple times annually to foster collaboration, connection, and alignment. Attendance is expected and fully supported.

We are looking for a skilled Technology Risk & Controls Analyst to join our APAC Second Line of Defense (2LOD) team. In this role, you will provide crucial 2LOD oversight of technology and cybersecurity risks, with a strong emphasis on aligning with the Monetary Authority of Singapore (MAS) Technology Risk Management (TRM) Guidelines and other APAC regional regulatory frameworks. As part of the regional technology risk function, your responsibilities will include conducting independent risk assessments, offering credible challenges to first-line activities, and monitoring the effectiveness of technology controls. You will collaborate cross-functionally to ensure that emerging risks are identified, assessed, and appropriately mitigated to maintain a robust risk posture.

What you’ll be doing (ie. job duties):

    • Conduct independent second line assessments of technology and cybersecurity risks, ensuring alignment with Coinbase’s risk appetite and regional regulatory expectations.
    • Execute and sustain governance controls and oversight mechanisms to ensure ongoing compliance with MAS TRM, RBI Cybersecurity Framework (CSF), and other applicable regional regulations.
    • Review and challenge the effectiveness of technology and cyber controls implemented by the First Line of Defense and global teams.
    • Develop, track, and report on Key Risk Indicators (KRIs) and control metrics to support continuous monitoring and risk-informed decision making.
    • Localize and assess global technology, security policies and standards to ensure they meet jurisdiction-specific regulatory requirements.
    • Partner with engineering, product, and cybersecurity teams to strengthen detection, response, and remediation capabilities for security incidents.
    • Prepare materials for senior governance forums, including operations and risk oversight committees and board-level reporting.
    • Maintain documentation to support regulatory submissions, internal audits, and assurance reviews.
    • Present clear, data-driven risk and control insights to senior management and cross-functional stakeholders.
    • Effectively communicate risk issues and recommendations across technical and non-technical audiences.

What we look for in you (ie. job requirements):

    • 5+ years of experience in GRC, technology governance, risk management, or compliance, preferably within financial services or a regulated technology environment.
    • Strong working knowledge of MAS Technology Risk Management (TRM) Guidelines, Cyber Hygiene Notices, Outsourcing Guidelines, and Business Continuity Management (BCM) Guidelines, as well as the RBI Cybersecurity Framework (CSF).
    • Familiarity with global technology and risk frameworks such as NIST CSF, COBIT, and ITIL.
    • Deep understanding of risk management principles, including technology risk identification, assessment, control design, and monitoring.
    • Demonstrated experience leading or supporting remediation projects driven by regulatory changes or audit findings.
  • Ability to analyze and synthe