Please note that Coinbase no longer supports this browser. We recommend upgrading to the latest Google Chrome or Firefox.

IT/Security Audit Specialist

San Francisco, CA

Back To All Jobs

IT/Security Audit Specialist
San Francisco, CA

Reporting to the Head of Internal Audit, the IT/Security Audit Specialist will identify relevant risks & controls related to IT and cybersecurity. They will help implement and execute a consistent risk analysis framework, test business-level validation of control effectiveness, and assist in the auditing and reporting of cybersecurity and data privacy compliance.

Duties and Responsibilities:

  • Assist Internal Audit in implementing the Enterprise Risk Management program, particularly as it applies to cybersecurity & data privacy.
  • Participate in regular audits, which include risk assessment review, audit scoping, identifying and testing processes/controls, and reviewing specific recommendations related to cybersecurity & data privacy regulatory & compliance programs and initiatives.
  • Recognize, understand, and analyze root causes, patterns, or trends that could result in risk to cybersecurity & data privacy and the organization. Identify and implement corrective action where appropriate consistent with ERM objectives.
  • Ensure that Coinbase maintains adequate risk controls to facilitate compliance with laws and regulations related to cryptocurrencies and security infrastructure.
  • Support business lines for implementation, risk analysis, and testing of new products and services providing an internal control perspective to identify control gaps and recommendations for improvement.


  • 4+ combined years experience in risk management, audit, and/or penetration testing.
  • Excellent communication skills, interpersonal skills, and analytical skills.
  • Ability to multi-task in a rapidly changing environment.
  • Demonstrated ability to work independently and execute effectively.
  • Strong project management skills -- organized, logical, methodical, strong attention to detail.
  • Passion for data security.
  • Extensive knowledge of cybersecurity and data privacy regulations (e.g., PCI, GLBA, SOC, ISO27001, GDPR)

Apply For This Job
* = required field