Security Engineer at Coinbase

Job Description

Key Responsibilities

• Perform comprehensive security assessments of blockchain protocols and smart contracts to detect vulnerabilities, logical flaws, and potential attack vectors through code audits, penetration testing, and protocol analysis.
• Develop threat models for blockchain architectures, evaluating security risks such as consensus failures, transaction malleability, and smart contract exploits, and proposing actionable mitigation strategies.
• Collaborate with developers, product managers, and engineers to design and implement new security frameworks, analysis tools, and products that address emerging threats and improve system robustness.
• Establish and document best practices for blockchain security, including secure coding standards, cryptographic protocols, and decentralized application (dApp) security guidelines, to ensure adoption across teams.
• Conduct regular risk assessments to prioritize security threats based on their severity, likelihood of exploitation, and potential impact on user assets or network integrity.
• Engage with stakeholders to communicate security findings, recommend improvements, and ensure alignment between security protocols and business objectives.

Job Requirements

• Minimum of 3 years of hands-on experience in blockchain security, with a proven track record in smart contract audits, protocol analysis, and threat modeling for decentralized systems.
• Strong technical expertise in blockchain technologies, including consensus mechanisms, cryptographic algorithms, and smart contract development frameworks such as Solidity, Vyper, or Rust.
• Proficiency in security tools and methodologies, including static code analysis, dynamic testing, and penetration testing for blockchain applications and protocols.
• Excellent problem-solving skills to analyze complex security challenges, identify root causes, and design scalable solutions for blockchain ecosystems.
• Ability to work independently and collaboratively with cross-functional teams to integrate security practices into product development cycles and engineering standards.
• Preferred experience with blockchain platforms such as Ethereum, Hyperledger, or Polkadot, and familiarity with security frameworks like OWASP, NIST, or ISO 27001.
• Strong communication skills to present technical findings to non-technical stakeholders and document security strategies for internal and external use.
• Knowledge of decentralized finance (DeFi) security, tokenomics, and smart contract interaction patterns to address specific risk scenarios in blockchain projects.
• Experience with automation tools for security testing, including writing scripts for vulnerability scanning, monitoring network behavior, and analyzing transaction patterns.
• Ability to stay updated with the latest blockchain security threats, research, and industry trends to continuously improve security strategies and frameworks.