Security Analyst at Coinbase
Full Time1 month ago
Employment Information
Job Description
As a Senior Security Analyst within the CSIRT team, you will serve as the first line of response for security alerts, ensuring timely triage and analysis of potential threats. This role requires leading incident response and management efforts when necessary, coordinating with cross-functional teams to mitigate risks and resolve security incidents effectively. You will refine our alerting rules to improve the signal-to-noise ratio, reducing false positives and enhancing the accuracy of threat detection. This involves analyzing existing rules, identifying areas for improvement, and implementing changes to optimize the efficiency of the security operations center (SOC) processes. When an incident occurs repeatedly, you will create detailed runbooks to standardize response procedures. If the same issue arises three times, you will develop automation solutions to streamline these processes, minimizing manual intervention and improving response times. You will collaborate closely with the Trust & Safety and Threat Intelligence teams to conduct in-depth attacker investigations, contributing to the development of comprehensive TTP (Tactics, Techniques, and Procedures) profiles. This includes analyzing attack patterns, identifying threat actors, and sharing insights to enhance the organization's overall security posture. You will be part of a light on-call rotation, working with colleagues across multiple time zones to ensure 24/7 security monitoring and support. This involves being available during critical hours, responding to urgent alerts, and maintaining a flexible schedule to accommodate global operations. You will lead a culture of excellence by mentoring peers and sharing knowledge. This includes providing guidance to junior analysts, conducting training sessions, and fostering a collaborative environment that promotes continuous learning and professional growth. You will work with cross-functional teams such as engineering, product development, and compliance to ensure timely incident response. This involves aligning with these teams to address security vulnerabilities, implement necessary changes, and maintain compliance with regulatory standards.
Key Responsibilities
- Act as the primary responder for security alerts, prioritizing and analyzing threats to determine their severity and impact on organizational assets.
- Lead incident response and management initiatives, including coordinating with internal stakeholders and external partners to resolve security incidents efficiently.
- Continuously refine and optimize alerting rules to reduce noise and improve the detection of genuine threats, ensuring the SOC operates with maximum precision.
- Develop and maintain runbooks for recurring incidents, implementing automation strategies to minimize repetitive tasks and enhance operational scalability.
- Collaborate with Trust & Safety and Threat Intelligence teams to investigate attacker behavior, document TTP profiles, and contribute to threat intelligence sharing.
- Participate in a global on-call rotation, ensuring round-the-clock monitoring and rapid response to critical security events across different time zones.
- Establish and promote a culture of excellence by mentoring junior analysts, sharing best practices, and fostering knowledge transfer within the team.
- Engage with engineering, product development, and compliance teams to ensure alignment on security protocols, address vulnerabilities, and maintain regulatory compliance.
Job Requirements
- Proven experience as a security analyst, with a strong background in incident response, threat detection, and SOC operations.
- Advanced knowledge of security tools and platforms, including SIEM systems, log analysis, and threat intelligence frameworks.
- Ability to design and implement automated workflows to streamline repetitive tasks and improve operational efficiency.
- Excellent communication skills to collaborate with cross-functional teams and present findings to non-technical stakeholders.
- Strong analytical mindset and problem-solving abilities to identify root causes of security incidents and develop effective mitigation strategies.
- Experience with runbook development and incident management processes, including documentation and standardization of procedures.
- Proficiency in scripting and automation technologies (e.g., Python, PowerShell) to enhance incident response capabilities.
- Knowledge of cybersecurity frameworks (e.g., NIST, ISO 27001) and regulatory compliance requirements (e.g., GDPR, HIPAA).
- Ability to work independently and as part of a team, maintaining a proactive approach to security monitoring and threat hunting.
- Excellent time management and adaptability to handle high-pressure situations and shifting priorities in a dynamic security environment.
Share this
Similar jobs
New Things Will Always
Update Regularly
