Senior Security Engineer focused on automating Identity and Access Management at Coinbase. Involves design and development of security tools and frameworks to enhance organizational security posture.
Responsibilities
Design, develop, and maintain internal tools and services (primarily in Go) to automate the IAM lifecycle and security review processes.
Build "Guardrails-as-Code" to detect and remediate overly permissive roles or misconfigurations across a diverse set of in-house developed and SaaS applications.
Prototype and implement AI-driven solutions (such as LLM-based analysis or anomaly detection) to categorize access patterns and provide intelligent recommendations for rightsizing permissions.
Create developer-centric tools that allow engineering teams to manage their own access securely, reducing friction while maintaining strict security standards.
Serve as the subject matter expert for complex IAM architecture decisions, ensuring that automation logic aligns with industry frameworks (like Zero Trust and NIST).
Requirements
Bachelor’s or Master’s in Computer Science, Computer Engineering, Cybersecurity, or a related field.
Deep understanding of IAM primitives (Service Accounts, OIDC, SAML, RBAC vs. ABAC).
Strong proficiency in Python, Go, or Node.js. Experience with Git, CI/CD pipelines, and writing clean, maintainable code.
Experience in leveraging LLMs to enable self-serve and autonomous capabilities.
Familiarity with microservices architecture.
Demonstrated experience managing workforce access, logging, and auditing in a fast-paced hyper-growth environment (FinTech or crypto preferred), with a strong understanding of navigating strict regulatory landscapes, such as SOX compliance.
Experience with data engineering basics (SQL, Snowflake, or Databricks) to analyze large-scale access logs.
Background in Application Security.
Benefits
Pay Transparency Notice: The target annual base salary for this position can range as detailed below. Total compensation may also include equity and bonus eligibility and benefits (including medical, dental, and vision).
Hiring a Threat Modeler / Security Architect with development background for hybrid full - time role in Canada, focusing on application security, threat modeling, and DevSecOps.
Network and Perimeter Security IT Specialist I at Enbridge overseeing enterprise security architecture and leading large - scale security initiatives. Collaborating across teams to ensure secure solutions and compliance.
Network & Perimeter Security Specialist II - Firewall at Enbridge enhancing security architectures. Providing technical leadership and driving enterprise standards for firewall and network security.
Lead critical cybersecurity transformation programmes at Hewlett Packard Enterprise, ensuring alignment with enterprise priorities and delivering complex initiatives. Collaborate with IT, cybersecurity, and business leaders.
Staff Engineer responsible for designing scalable security solutions and collaborating with engineering at Twilio. Empowering security partnerships across products and platforms while mitigating risks.
Head of Infrastructure & Security responsible for cloud infrastructure on GCP and security programs. Leading SaaS development and technical teams at Rebus and Longbow Advantage.
Information Security Lead responsible for managing security programs at Dentons Canada. Overseeing security architecture, operations, incident response, and data protection initiatives.
Cybersecurity expert overseeing information defense, threat detection, and incident response at Investissement Québec. Leading security operations and leveraging AI for effective asset protection.
Lead cybersecurity initiatives and develop strategy for public broadcaster CBC/Radio - Canada. Shape technology road map, collaborate on enterprise architecture, and ensure policy compliance.
Senior Product Security Consultant at CENSUS LABS evaluating software security and threats. Responsible for validating security compliance and reporting on risks in complex systems.