Senior Analyst, Tech Risk
Coinbase
CloudCyber SecuritySQL
Salary
💰 ₹5,510,500 per year
Job Level
Senior
Tech Stack
CloudCyber SecuritySQL
About the role
- Conduct independent second line assessments of technology and cybersecurity risks, ensuring alignment with Coinbase’s risk appetite and regional regulatory expectations.
- Execute and sustain governance controls and oversight mechanisms to ensure ongoing compliance with MAS TRM, RBI Cybersecurity Framework (CSF), and other applicable regional regulations.
- Review and challenge the effectiveness of technology and cyber controls implemented by the First Line of Defense and global teams.
- Develop, track, and report on Key Risk Indicators (KRIs) and control metrics to support continuous monitoring and risk-informed decision making.
- Localize and assess global technology, security policies and standards to ensure they meet jurisdiction-specific regulatory requirements.
- Partner with engineering, product, and cybersecurity teams to strengthen detection, response, and remediation capabilities for security incidents.
- Prepare materials for senior governance forums, including operations and risk oversight committees and board-level reporting.
- Maintain documentation to support regulatory submissions, internal audits, and assurance reviews.
- Present clear, data-driven risk and control insights to senior management and cross-functional stakeholders.
- Effectively communicate risk issues and recommendations across technical and non-technical audiences.
Requirements
- 5+ years of experience in technology governance, risk management, or compliance, preferably within financial services or a regulated technology environment.
- Strong working knowledge of MAS Technology Risk Management (TRM) Guidelines, Cyber Hygiene Notices, Outsourcing Guidelines, and Business Continuity Management (BCM) Guidelines, as well as the RBI Cybersecurity Framework (CSF).
- Familiarity with global technology and risk frameworks such as NIST CSF, COBIT, and ITIL.
- Deep understanding of risk management principles, including technology risk identification, assessment, control design, and monitoring.
- Demonstrated experience leading or supporting remediation projects driven by regulatory changes or audit findings.
- Ability to analyze and synthesize ambiguous or incomplete inputs into clear, actionable plans.
- Experience working in cloud-native environments and navigating associated risks and controls.
- Proficiency in using data and metrics to drive risk-informed decisions and communicate risk posture effectively.
- Prior experience engaging with auditors and regulators, including regulatory reporting and audit response preparation.
- Proven ability to manage multiple stakeholders and competing priorities in a fast-paced, cross-functional environment.
- Proficiency in SQL, ideally in Snowflake or a similar data platform. (Nice to have)
- Experience with Looker or other business intelligence and data visualization tools. (Nice to have)
- Background in high-security or highly regulated industries such as fintech, crypto, or traditional financial services. (Nice to have)
- Professional certifications such as CRISC, CISSP, CISM, or other relevant designations. (Nice to have)
- Bachelor’s degree in Information Security, Computer Science, Engineering, or a related technical discipline. (Nice to have)
