Be an early applicantLess than 25 applicants

This job has closed.

Company

Original Job Post

Coinbase · 4 days ago

Product Security Engineer, Assessments

New York, NY

Full-time

Onsite

Entry, Mid Level

$148K/yr - $174K/yr

2+ years exp

Wonder how qualified you are to the job?

Maximize your interview chances

BitcoinBlockchain

H1B Sponsorship

Comp. & Benefits

Insider Connection @Coinbase

Discover valuable connections within the company who might provide insights and potential referrals, giving your job application an inside edge.

Responsibilities

You will prioritize and perform pen testing including, but not limited to the following: web applications and APIs, Web3 (ex: DApp, NFTs etc), Cloud infrastructures (AWS), Mobile applications and APIs.

As a member of the security assessment team, you will be responsible for Threat Modeling of applications, systems and/or services.

You will be responsible for supporting the development of processes and procedures to ensure cross-functional SLAs are exceeded.

You will review and analyze existing code bases to uncover vulnerabilities, and provide teams with recommended fixes.

As a member of the security assessment team, you will assist in the development of frameworks and automated tools to be leveraged during assessments.

Collaborate with trusted partners to support scoping assessments, environment setup/configuration, project management, troubleshooting and vulnerability remediation testing.

You will be responsible for triaging and support of the public Bug Bounty program. This will include, but is not limited to: tiered support, documentation, stakeholder management, risk ranking, on-call rotation and researcher feedback.

Pick up other duties as assigned.

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

ProgrammingThreat ModelingMobile Application SecurityWeb Application SecuritySource Code AuditPenetration TestingBug Bounty TriageCode ReviewsAutomationPython ScriptsSeleniumWeb3/Crypto SpaceProblem-SolvingCommunicationHigh Security Industry ExperienceRegulatory Compliance PCIRegulatory Compliance SOCRegulatory Compliance NISTApplied CryptographyCryptographic ResearchExploit DevelopmentSecurity ResearchOpen Source Contributions

Required

2+ years of programming experience or ability in one of our core languages such as Ruby, Golang, JavaScript, Java/C++, Python, Swift/Kotlin

Fluency in a risk and threat modeling methodology

Mobile or Web Application Security experience including source code audit, penetration testing, bug bounty triage, or code reviews

Experience in the automation of manual processes using tools like Python Scripts, Selenium, Playwright, etc

Ability to understand and solve complex problems independently

Strong written and verbal communication skills, specifically on security topics

Some personal or professional experience with exploitation/auditing in the Web3/crypto space

Preferred

Experience working in a high security and/or highly regulated industry (ex: PCI, SOC, NIST, etc)

Experience in applied cryptography and/or cryptographic research

Experience in exploit development and/or security research

Open source security tooling contributions

Benefits

Medical

Dental

Vision

401(k)

Company

Coinbase

Glassdoor

3.7

Coinbase is a cryptocurrency exchange and cryptocurrency wallet platform that allows users to buy, sell, and store various cryptocurrencies.

Founded in 2012

San Francisco, California, USA

1,001-5,000 employees

http://www.coinbase.com

H1B Sponsorship

Coinbase has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)

Distribution of Different Job Fields Receiving Sponsorship

Trends of Total Sponsorships

2023 (69)

2022 (233)

2021 (235)

2020 (75)