Infrastructure Security Engineer

Are you ready to push your limits and take on exciting challenges?

At Coinbase, we are on a mission to enhance economic freedom globally, an ambitious goal that requires our utmost dedication every day as we build the future of the global financial system through blockchain technology.

We are searching for a dedicated candidate who is not only passionate about our mission but also believes in the transformative power of crypto and blockchain. If you aspire to make a significant impact, thrive under pressure, and seek continuous growth through feedback, we want you to join our team. Here, you will tackle complex challenges and collaborate with exceptionally skilled colleagues.

Our work culture is rigorous and might not suit everyone, but if you are driven to shape the future alongside top professionals who share high expectations, this is the right environment for you.

While many roles at Coinbase embrace a remote-first approach, we emphasize in-person collaboration throughout the year. Team and company-wide offsites are organized multiple times annually for fostering connection and alignment, and attendance is encouraged and supported.

The Infrastructure Security (InfraSec) team is crucial in safeguarding Coinbase's foundational infrastructure and platform services. In this role, you will collaborate closely with engineering teams to design, implement, and automate advanced security solutions in complex cloud and container environments. Your deep expertise in technologies such as Kubernetes and AWS will position you as a trusted advisor to cross-functional teams and senior leaders, guiding strategic decisions that balance security, scalability, and business enablement.

Key Responsibilities:

• Design, implement, and maintain security controls across multi-cloud environments (AWS, GCP, etc.), Kubernetes clusters, and containerized workloads (Docker).
• Develop secure-by-default patterns for infrastructure-as-code (Terraform) and container orchestration platforms.
• Write code in Go to automate security processes, enforce guardrails, and integrate security solutions.
• Conduct security reviews of cloud architecture, data platforms (e.g., Snowflake, Databricks), and routing configurations to identify vulnerabilities and recommend enhancements.
• Partner with engineering teams to embed security in the design and deployment of platform services.
• Collaborate with cross-functional teams to align security initiatives with business objectives, balancing security, risk, and enablement.
• Assess security needs during mergers and acquisitions (M&A), ensuring that acquired companies are integrated securely into established frameworks.
• Influence senior leaders and stakeholders on technical decisions, risk management strategies, and trade-offs for secure and scalable outcomes.
• Drive continuous improvement of security policies, threat detection mechanisms, and incident response automation.

What We Look For:

• 7+ years of experience in infrastructure security with strong expertise in AWS and Kubernetes, and deep knowledge in at least one of these technologies.
• Proficiency in coding with Go for automation and guardrails, and experience deploying infrastructure with Terraform.
• Expertise in modern cloud and containerized platform technologies, including securing data platforms (e.g., Snowflake, Databricks) and cloud edge security.
• Demonstrated ability to partner with engineering, product, and business teams to align security initiatives with broader company goals.
• Experience influencing senior leaders and stakeholders on technical decisions, risk trade-offs, and enablement strategies.
• Execution-focused mindset, adept at navigating ambiguity and delivering impactful results.
• Dedication to advancing an open financial system that connects people worldwide.

Preferred Qualifications:

• Experience with hybrid cloud and on-prem environments, including platforms like GCP and Vercel, alongside AWS and on-prem systems.
• Proficiency in creating Rego rules for Open Policy Agent (OPA) or similar tools to enforce security policies at scale.
• Experience with physical networking and data center security, including securing physical infrastructure and managing network hardware.