Ready to be pushed beyond what you think you're capable of?
At Coinbase, our mission is to increase economic freedom in the world.
To achieve our mission, we're seeking a very specific candidate.
We want someone who is passionate about our mission and who believes in the power of crypto and blockchain technology to update the financial system.
We want someone who is eager to leave their mark on the world, who relishes the pressure and privilege of working with high-caliber colleagues, and who actively seeks feedback to keep leveling up.
We want someone who will run towards, not away from, solving the company's hardest problems.
Our work culture is intense and isn't for everyone. But if you want to build the future alongside others who excel in their disciplines and expect the same from you, there's no better place to be.
Security is a primary competency at Coinbase, and the Security Team keeps a watchful eye over every aspect of it.
Every day, we go to battle against some of the most sophisticated attackers in the world to protect billions of dollars worth of digital assets and ensure that our customers and employees can enjoy a safe, trusted experience.
As Coinbase scales globally, our team is scaling along with it, using a blend of tooling, automation, and strategic team growth to ensure that we're well-equipped to protect the next billion users of crypto.
Job Description
Blockchain Security (BlockSec) Team's Mission
Our mission is to secure funds and data from protocols to wallets.
Coinbase has a unique opportunity: enabling our customers to easily and securely interface with blockchains, a.k.a. digital asset networks, a.k.a. cryptocurrencies.
Blockchains are a cutting-edge technology, with many unique security considerations for any entity that supports interaction with them.
Understanding those unique considerations requires deep expertise in blockchains and the ability to maintain that expertise over time.
Onchain Development
Onchain is the new online. We want to bring 1B+ people onchain in the most secure way possible.
We want to provide them secure platforms and tools to build and interact with exciting applications.
Protocol Security
Protocol Security ensures the security of all onchain development at Coinbase.
We partner closely with product teams to make sure that our users can safely and confidently engage with the onchain world.
Responsibilities
* Identify gaps in our security infrastructure and drive cross-function efforts to address them.
* Perform security assessments, framework development, and threat modeling of assets, including various blockchain protocols, smart contracts, and other distributed ledger tech.
* Partner with software engineering teams to advise on code and architecture for internal smart contract development.
* Partner with internal tooling teams to drive the roadmap and vision for internal Coinbase blockchain security tools.
* Identify automation opportunities in our tooling and processes, deliver a Proof of Concept, and write detail technical requirements.
* Investigate impactful changes to the space, blockchain upgrades, and novel innovations such as zero-knowledge proofs and bleeding-edge blockchain protocols.
* Publish blogs and give talks (internal and external) on newfound vulnerabilities, incident investigations, unique integration risks, and related topics.
Requirements
* Strong understanding of blockchains (particularly EVM chains) and highly "crypto forward".
* Extensive experience in architecture and threat modeling of security-critical backend crypto systems.
* Familiar with the threat model of a crypto custodian, including common vulnerabilities and pitfalls for systems that custody cryptocurrency.
* Familiar with all the fundamentals of onchain activity - blockchain explorers, funds tracing, bridging, DEXs, NFTs, smart contracts.
* Familiar with recent innovations such as restaking and the various EIPs currently being considered.
* Ability to provide leadership and mentorship to coworkers.
* Experience in a highly cross-functional role and/or leading a team.
* Excellence in clear, direct, and kind communication with technical and non-technical stakeholders.
Nice to Haves
* Knowledge of security architecture of non-EVM based blockchains.
* Deep understanding of cryptography such as zk-SNARKs, FHE and MPC.