74 Information Security jobs in Columbus

Chief Information Security Officer (CISO)

About the Company

Top-tier telecommunications company

Industry
Telecommunications

Type
Privately Held

About the Role

The Company is in need of a strategic and experienced Chief Information Security Officer (CISO) to take the lead in managing and enhancing its cybersecurity program. The CISO will be tasked with developing and executing a comprehensive security strategy that safeguards digital assets, ensures regulatory compliance, and supports the organization's growth. Key responsibilities for this role include designing and implementing an enterprise-wide information security strategy, conducting regular risk assessments, and overseeing security operations such as monitoring, threat intelligence, and incident response. The successful candidate will also be responsible for managing vendor security risk, promoting security awareness, and staying abreast of emerging threats to recommend modern security tools and technologies. Applicants for the CISO position at the company should have a Bachelor's degree in cybersecurity, information systems, or a related field, with a Master's degree preferred. A minimum of 7 years' experience in telecom, broadband, or highly regulated IT environments, and at least 5 years in a cybersecurity leadership role, is required. The role demands hands-on experience with cloud platforms and a strong knowledge of enterprise security architecture and operations. Relevant certifications such as CISSP or CISM are also preferred. The ideal candidate will possess excellent leadership, communication, and problem-solving skills, and be capable of reporting on the security program's performance to executive leadership.

Travel Percent
Less than 10%

Functions

• Information Technology
• Engineering

Summary:

Responsible for developing and implementing a comprehensive cybersecurity strategy for the Bank. Including, establishing security policies, managing security risks, and ensuring compliance with regulations and standards.

Qualifications:

Education: Bachelor of Science in Information Security, Computer Forensics or related field.

Licenses/Certifications: Certified Information Systems Security Professional ("CISSP"); Certified Information Systems Auditor ("CISA"); Certified in Risk and Information Systems Control ("CRISC"); Certified Information Security Manager ("CISM"); or other equivalent certification required.

Experience: A minimum of seven years of experience in information security. Advanced knowledge of GLBA and compliance related regulations requirements and knowledge of applicable banking policies, procedures, laws, and regulations. Managerial experience must evidence a high level of proficiency at: leading geographically dispersed teams of employees, developing junior staff, and appropriately addressing underperforming staff in close partnership with Human Resources.

Essential Functions:

A: Job Specific:

• Develop and implement a comprehensive information security/cybersecurity strategy aligned with the organization's business objectives.
• Ensure the security program aligns with proper frameworks (i.e., NIST CSF, FFIEC)
• Define and track key security metrics (KPIs/KRIs) to measure effectiveness and drive program improvements.
• Serve as primary liaison during regulatory cybersecurity and IT exams; coordinate responses and remediation.
• Conduct risk assessments, identify vulnerabilities, and develop mitigation plans.
• Establish and enforce security policies, procedures, and protocols, ensuring compliance with industry regulations and standards.
• Lead incident response efforts, including investigation, containment, and recovery.
• Educate employees on security best practices and promote a security-conscious culture.
• Work with other executives and stakeholders to integrate security measures into business operations and communicate security status to the board and other stakeholders.
• Evaluate and implement new security technologies and tools.
• Complete the annual Customer Information Security Program Risk Assessment and Report of the Information Security Officer to the Board of Directors, documenting risks, results of audits and assessments, and breaches.
• Participate in the design and oversight of an Identity and Access Management Program that encompasses all bank applications.
• Participate in Business Continuity Plan (BCP) Committee meetings, oversee the BCP updates and Business Impact Analysis, and ensure that annual BCP Testing per the BCP Test Plan occurs and is adequately documented.
• Responsible for the on-going development of the department members.
• Partners with HR in recruitment efforts, as well as, managing performance; to include but not be limited to; corrective action and/or development plans, evaluate performance and develop staff members, identify training needs and performance issues.

Knowledge/Skills/Abilities:

• The ability to communicate effectively and clearly, both in verbal and written communications, as well as, present information to groups of managers, employees, customers, and the general public.
• Excellent interpersonal skills.
• Excellent problem solving skills.
• Strong knowledge of the business area(s) that are being supported.
• Self-directed and motivated.
• The ability to manage multiple tasks.
• The ability to calculate figures as it relates to accounting processes.
• Strong leadership skills.
• The ability to manage multiple tasks.
• Technical writing, to include reports, procedure manuals, articles for publication, training documents, policies and procedures, and legal documents.
• The ability to read, analyze and interpret financial statements, government regulations, professional journals, etc.
• Must have ability to analyze and solve complex problems, develop automated systems.
• Ability to respond to common inquiries or complaints from employees, customers, regulatory agencies, or members of the business community.
• Experience in risk management and incident response.

Sutton Bank is an Equal Employment Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, sexual orientation, gender identity, pregnancy, disability or protected veteran status.

Senior Information Security Executive

About the Company

Join a mission-driven online provider of musculoskeletal therapy dedicated to enhancing health and wellness.

Industry
Health, Wellness and Fitness

Type
Privately Held, VC-backed

Founded
2015

Employees

Funding
$200+ million

Categories

• Health Care
• Medical
• Personal Health
• Therapeutics
• Wellness
• mHealth

Specialties

• Digital Health
• Medical Devices
• Machine Learning
• Artificial Intelligence
• Physical Therapy
• Virtual Physical Therapy
• Digital Physical Therapy
• FDA-listed Devices
• Biofeedback
• MSK
• Musculoskeletal
• Telemedicine
• Healthcare

About the Role

We are seeking a highly skilled Senior Information Security Executive to lead our mission of transforming lives through AI. In this pivotal role, you will shape and manage a comprehensive global security strategy, emphasizing application security, compliance, and security operations. You will be responsible for creating and driving our information security roadmap, designing robust security programs, and ensuring the integrity of our company's perimeter.

As a key leader, you will navigate security incident responses, participate in security audits, and continuously refine our security policies to align with best industry practices. Collaborating with cross-functional teams, including engineering, product, operations, and HR, is vital to integrate security seamlessly into our operations.

Ideal candidates will possess around 10 years of experience building and leading security teams, demonstrating robust expertise across all facets of cybersecurity. Strong leadership abilities, effective communication skills, and a proactive security approach are essential.

Familiarity with security standards and frameworks such as ISO 27001, COBIT, and NIST CSF is a must, alongside a proven track record in conducting security audits and obtaining certifications. A background in digital health and healthcare, a deep understanding of security in high-stakes environments, and experience within a fast-growing company will set you apart. Professional security certifications and knowledge of ITIL and EMR systems are highly desirable.

Hiring Manager Title
Chief Scientific Officer

Travel Percent
Less than 10%

Functions

• Information Technology
• Engineering

Chief Information Security Officer

About the Company

Mission-driven online provider of musculoskeletal therapy

Industry
Health, Wellness and Fitness

Type
Privately Held, VC-backed

Founded
2015

Employees

Funding
$200+ million

Categories

• Health Care
• Medical
• Personal Health
• Therapeutics
• Wellness
• mHealth

Specialties

• digital health
• medical devices
• machine learning
• artificial intelligence
• physical therapy
• virtual physical therapy
• digital physical therapy
• fda-listed device
• biofeedback
• msk
• musculoskeletal
• and telemedicine
• telemedicine
• and healthcare

About the Role

The Company is seeking a Chief Information Security Officer (CISO) to join its mission of using AI to transform the lives of millions. The CISO will be responsible for developing and managing a global security strategy and program, with a focus on application security, compliance, and security operations. This role involves defining and driving the information security roadmap, architecting security programs, and ensuring the security of the company's perimeter. The successful candidate will also be tasked with leading security incident responses, participating in security audits, and continuously updating security policies to align with industry best practices. Collaboration with cross-functional teams, including engineering, product, operations, and HR, is essential to ensure that security is integrated into all aspects of the company's operations. Applicants for the CISO position at the company should have approximately 10 years' of experience in building and leading security teams, with a strong background in all aspects of cybersecurity. The role requires the ability to lead and motivate cross-functional teams, excellent communication skills, and a proactive approach to security. Experience with security standards and frameworks such as ISO 27001, COBIT, and NIST CSF is necessary, as is a proven track record in leading security audits and certifications. The ideal candidate will have a background in digital health and healthcare, a strong understanding of security in high-security environments, and experience in a high-growth company. Professional security certifications and a functional knowledge of ITIL and EMR systems are also preferred.

Hiring Manager Title
Chief Scientific Officer

Travel Percent
Less than 10%

Functions

• Information Technology
• Engineering

Join to apply for the Information Security and Risk Management Senior Analyst role at The Ohio State University Wexner Medical Center

Join to apply for the Information Security and Risk Management Senior Analyst role at The Ohio State University Wexner Medical Center

Get AI-powered advice on this job and more exclusive features.

Screen reader users may encounter difficulty with this site. For assistance with applying, please contact If you have questions while submitting an application, please review these frequently asked questions.

Current Employees And Students

If you are currently employed or enrolled as a student at The Ohio State University, please log in to Workday to use the internal application process.

Welcome To The Ohio State University's Career Site. We Invite You To Apply To Positions Of Interest. In Order To Ensure Your Application Is Complete, You Must Complete The Following

• Ensure you have all necessary documents available when starting the application process. You can review the additional job description section on postings for documents that may be required.
• Prior to submitting your application, please review and update (if necessary) the information in your candidate profile as it will transfer to your application.
  
  

• Perform typical domain administrator tasks
• Domain controller management
• Manage Group Policy
• Support for infrastructure services
• DNS (Domain Name System), certificate authority (PKI), DFS, ADFS (Active Directory Federation Services), and Duo
• Help develop the Privileged Access Management program
• Policy monitoring and compliance
• Automation and integration efforts with various systems across OSUWMC and OTDI
• Consults on major initiatives, including multiple departments, service lines, platforms and regarding the integration of information security identity and access related technologies
• Assist with the evaluation and research for strategic projects involved in new and existing products, procedures and/or workflows needs associated with identity management for the Medical Center
  
  

• An array of retirement plan options, each with a generous employer contribution.
• Affordable health insurance options, including dental, vision and prescription coverage that begin on day one.
• Paid vacation and sick leave, including short and long-term disability and paid parental leave.
• Get the most out of the Public Service Loan Forgiveness program.
• And much more!
  
  

• Seniority level Mid-Senior level

• Employment type Full-time

• Job function Finance and Sales
• Industries Hospitals and Health Care

Referrals increase your chances of interviewing at The Ohio State University Wexner Medical Center by 2x

Columbus, OH $135,000.00-$35,000.00 4 days ago

Columbus, OH 72,380.00- 90,474.50 1 week ago

Columbus, OH 90,000.00- 150,000.00 2 days ago

Columbus, OH 70,000.00- 120,000.00 2 days ago

Columbus, OH 96,110.00- 124,940.00 1 week ago

Columbus, OH 120,500.00- 272,900.00 2 weeks ago

Columbus, OH 155,000.00- 200,000.00 2 days ago

Were unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Job DescriptionJob Description

Summary:

Responsible for conducting thorough risk assessments, identifying potential vulnerabilities, and implementing measures to fortify the Bank's digital infrastructure against threats.

Qualifications:

Education: Bachelor's Degree in systems engineering, information systems or related field.

Licenses/Certifications: Valid Ohio's Driver's License.

Experience: A minimum of five years of combined experience in Cybersecurity, Information Technology, Information Security or Data Governance, preferably in a financial institution. Or equivalent combination of education, experience and training.

Essential Functions:

Job Specific:

• Designs, develops and implements secure network solutions to ensure compliance with regulations and industry standards.
• Designs security architecture elements to mitigate threats as they emerge.
• Conducts vulnerability assessments and penetration testing, recommends solutions to resolve security identified issues/threats.
• Coordinates and conducts ongoing training and awareness for all staff.
• Manages and implements upgrading security measures for data systems and networks; troubleshoots security and network problems. Provides recommendations for security solutions.
• Responds to systems and/or network security breaches, investigating incidents in a timely manner and escalating when necessary. Collaborating with internal and external partners to implement solutions.
• Acts as a member of the incident response team.

Knowledge/Skills/Abilities:

• Excellent verbal and written communications at both business and deep technical levels.
• Identifying and testing controls.
• Strong understanding of ISO, NIST, FFIEC and other control frameworks.
• Strong understanding and experience of enterprise risk management.
• Strong leadership skills, dependable, curious, matrix-oriented, a visionary, solution oriented, delivers exemplary customer service and quality focused.
• Excellent interpersonal skills.
• Strong knowledge of the business area that is being supported.
• Self-directed and motivated.
• The ability to manage multiple tasks.
• Excellent problem-solving skills.
• Technical writing.
• Ability to read and comprehend instructions, correspondence, technical manuals and memos.
• Ability to respond to common inquiries or complaints from employees, vendors and management.
• Ability to effectively present information to individuals one-on-one or a small group setting.
• Ability to articulate technical concepts to end-users.
• Skills and knowledge of facilitation, situational awareness, conflict resolution, continual improvement, and empowerment.

Sutton Bank is an Equal Employment Opportunity employer. All qualified applicants will receive consideration for employment without regard to , , , sex, , , , , , or protected veteran status.

Job Posted by ApplicantPro

Elastic, the Search AI Company, enables everyone to find the answers they need in real time, using all their data, at scale - unleashing the potential of businesses and people. The Elastic Search AI Platform, used by more than 50% of the Fortune 500, brings together the precision of search and the intelligence of AI to enable everyone to accelerate the results that matter. By taking advantage of all structured and unstructured data - securing and protecting private information more effectively - Elastic's complete, cloud-based solutions for search, security, and observability help organizations deliver on the promise of AI.

We're always on the search for amazing people. People who have a real passion for what they do and are masters at their craft. We are looking for a Principal Information Security Architect to join our Information Security (InfoSec) team. The InfoSec team leads the strategy, policy, and programs for information security company-wide. Our responsibilities include risk management, customer trust, recommending, developing and implementing security controls, preventing and detecting security threats, and handling incident response. We do all of this in a globally distributed company, fully remote, highly async and thinking differently about how we best achieve critical information security objectives.

• Do you have experience defining and delivering cybersecurity strategies and solutions in a cloud native company?
• Do you thrive in an environment that encourages innovation, automation, and data driven decisions?

This could be your dream job, and we'd love to meet you!

• Evolving and maturing Elastic's Information Security programs, by defining, developing and implementing modern security solutions.
• Delivering security services built on a modern InfoSec Architecture, powered by data, automation and metrics.
• Owning and driving projects and maturity initiatives end-to-end to continuously improve and mature the Elastic control environment.
• Extensively using Elastic products in support of the InfoSec mission, providing valuable "Customer Zero" feedback and improvement requests to Elastic product teams.

• Proven experience as a Senior Security Architect or Engineer in a global, multi-cloud environment.
• Broadknowledge of cybersecurity and networking fundamentals
• Strong understanding of modern cloud security principles and security tooling, including (as examples) SIEM, Cloud Security Posture Management, SaaS Data Loss Prevention, and Cloud Identity & Access Management.
• Ability and keenness to drive projects from ideation to implementation, while leading vendor relationship and influencing internal teams for adoption.
• Experience planning, building and operating security solutions as part of a highly integrated and automated security architecture, possibly with AI.
• A passion for engineering security solutions using cloud native technologies and modern engineering practices like Infrastructure-as-Code and Compliance-as-Code.
• Bonus points if your experience includes production usage of Elastic products at scale.
• Double Bonus if you have the experience above in a growing SaaS company!

Compensation for this role is in the form of base salary.This role does not have a variable compensation component.

The typical starting salary range for new hires in this role is listed below.In select locations (including Seattle WA, Los Angeles CA, the San Francisco Bay Area CA, and the New York City Metro Area), an alternate range may apply as specified below.

These ranges represent the lowest to highest salary we reasonably and in good faith believe we would pay for this role at the time of this posting.We may ultimately pay more or less than the posted range, and the ranges may be modified in the future.

An employee's position within the salary range will be based on several factors including, but not limited to, relevant education, qualifications, certifications, experience, skills, geographic location, performance, and business or organizational needs.

Elastic believes that employees should have the opportunity to share in the value that we create together for our shareholders. Therefore, in addition to cash compensation, this role is currently eligible to participate in Elastic's stock program.Our total rewards package also includes a company-matched 401k with dollar-for-dollar matching up to 6% of eligible earnings, along with a range of other benefits offered with a holistic emphasis on employee well-being.

The typical starting salary range for this role is:

$159,800-$52,800 USD

The typical starting salary range for this role in the select locations listed above is:

191,900- 303,500 USD

As a distributed company, diversity drives our identity. Whether you're looking to launch a new career or grow an existing one, Elastic is the type of company where you can balance great work with great life. Your age is only a number. It doesn't matter if you're just out of college or your children are; we need you for what you can do.

We strive to have parity of benefits across regions and while regulations differ from place to place, we believe taking care of our people is the right thing to do.

• Competitive pay based on the work you do here and not your previous salary
• Health coverage for you and your family in many locations
• Ability to craft your calendar with flexible locations and schedules for many roles
• Generous number of vacation days each year
• Increase your impact - We match up to 2000 (or local currency equivalent) for financial donations and service
• Up to 40 hours each year to use toward volunteer projects you love
• Embracing parenthood with minimum of 16 weeks of parental leave

Different people approach problems differently. We need that. Elastic is an equal opportunity employer and is committed to creating an inclusive culture that celebrates different perspectives, experiences, and backgrounds. Qualified applicants will receive consideration for employment without regard to race, ethnicity, color, religion, sex, pregnancy, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, disability status, or any other basis protected by federal, state or local law, ordinance or regulation.

We welcome individuals with disabilities and strive to create an accessible and inclusive experience for all individuals. To request an accommodation during the application or the recruiting process, please email will reply to your request within 24 business hours of submission.

Applicants have rights under Federal Employment Laws, view posters linked below: Family and Medical Leave Act (FMLA) Poster;Pay Transparency Nondiscrimination Provision Poster; Employee Polygraph Protection Act (EPPA) Poster and Know Your Rights (Poster)

Elasticsearch develops and distributes encryption software and technology that is subject to U.S. export controls and licensing requirements for individuals who are located in or are nationals of the following sanctioned countries and regions: Belarus, Cuba, Iran, North Korea, Russia, Syria, the Crimea Region of Ukraine, the Donetsk People's Republic ("DNR"), and the Luhansk People's Republic ("LNR"). If you are located in or are a national of one of the listed countries or regions, an export license may be required as a condition of your employment in this role. Please note that national origin and/or nationality do not affect eligibility for employment with Elastic.

Please seeherefor our Privacy Statement.

About Lumen

Lumen connects the world. We are igniting business growth by connecting people, data and applications – quickly, securely, and effortlessly. Together, we are building a culture and company from the people up – committed to teamwork, trust and transparency. People power progress.

We’re looking for top-tier talent and offer the flexibility you need to thrive and deliver lasting impact. Join us as we digitally connect the world and shape the future.

The Role

Black Lotus Labs is seeking a Principal Security Engineer on the Research & Analysis team. This team leverages Lumen’s global visibility of one of the world’s largest and most interconnected IP backbones and a petabyte-scale compute cluster to perform cutting edge threat research, hunting and tracking advanced persistent threat actors (APTs) and emerging criminal activity as the threat actors traverse the internet. They empower customers to stay ahead of the evolving threat landscape.

The Main Responsibilities

• Serve as Threat Research Subject Matter Expert, offering guidance and support to the Black Lotus Labs team on threat hunting activities, such as identifying knowledge gaps, troubleshooting technical challenges, developing solutions, and mentoring team members in overcoming obstacles. Set priorities for what threats to analyze to maximize team’s impact.

• Conduct threat research across technical data sets, fusing Black Lotus Labs telemetry with third party data sets, to automate detection of the latest threat attacker tools, techniques and procedures (TTPs) with a goal of automating detection.

• Use industry-leading technical knowledge of adversary capabilities and infrastructure and define, develop, and implement techniques to lead the team in tracking sophisticated adversaries, delivering actionable threat intelligence data to Lumen customers.

• Lead and enhance threat hunting operations by actively engaging with other research teams, building strong partnerships to achieve shared goals, exploring new data sources, and mentoring team members in executing workflows and solving complex challenges.

• Provide expert analysis and strategic insights on emerging threats and vulnerabilities, translating complex technical information into actionable intelligence for executive leadership and external stakeholders.

• Spearhead thought leadership initiatives by leading Black Lotus Lab’s voice at security conferences and internal executive briefings.

What We Look For in a Candidate

• Proven experience in threat hunting and in-depth technical security research, demonstrating a strong track record of successfully identifying, tracking, and disrupting nation-state and cybercriminal threat actors.

• Deep understanding of advanced threat hunting methodologies, attacker tactics, techniques, and procedures (TTPs), and the ability to derive actionable threat hunts from complex data sets.

• Demonstrated experience building prototype threat hunting solutions and large data analysis tools with Python (or other equivalent languages).

• Proven experience initiating and coordinating technical projects focused on telemetry collection, TTP based threat hunting, or developing threat hunt tools that have cross-organization impact on threat visibility, including leading private-public partnerships and multi-company collaborations.

• 5+ years of experience in the IC, DoD or similar tracking and defending against nation state threat activity.

• Exceptional communication and presentation skills, including the ability to clearly and concisely convey complex technical information to both technical and non-technical audiences, ranging from executives and board members to conference attendees and internal stakeholders.

• Experience presenting at industry conferences and in the media. 

• Highly organized with the ability to manage multiple tasks, prioritize effectively, and triage competing demands in a fast-paced environment.

• Proven ability to lead and manage complex technical projects, effectively driving them to successful completion.

• Active TS/SCI clearance with poly

**Well-experienced candidates may also have the following skills: **

• Proficiency in malware reverse engineering and incident response.

• 5+ years of experience leading teams of technical threat discovery professionals.

• Software development experience in Docker and big data technologies like Hadoop, Spark, and Tensor Flow.

Compensation

This information reflects the anticipated base salary range for this position based on current national data. Minimums and maximums may vary based on location. Individual pay is based on skills, experience and other relevant factors.

Location Based Pay Ranges:

$149,084 - $98,779 in these states: AL, AR, AZ, FL, GA, IA, ID, IN, KS, KY, LA, ME, MO, MS, MT, ND, NE, NM, OH, OK, PA, SC, SD, TN, UT, VT, WI, WV, and WY.

156,539 - 208,718 in these states: CO, HI, MI, MN, NC, NH, NV, OR, and RI.

163,993 - 218,657 in these states: AK, CA, CT, DC, DE, IL, MA, MD, NJ, NY, TX, VA, and WA.

Lumen offers a comprehensive package featuring a broad range of Health, Life, Voluntary Lifestyle benefits and other perks that enhance your physical, mental, emotional and financial wellbeing. We're able to answer any additional questions you may have about our bonus structure (short-term incentives, long-term incentives and/or sales compensation) as you move through the selection process.

Learn more about Lumen's:

• Benefits (

• Bonus Structure

What to Expect Next

#LI-JS1

Requisition #:

Background Screening

If you are selected for a position, there will be a background screen, which may include checks for criminal records and/or motor vehicle reports and/or drug screening, depending on the position requirements. For more information on these checks, please refer to the Post Offer section of our FAQ page ( . Job-related concerns identified during the background screening may disqualify you from the new position or your current role. Background results will be evaluated on a case-by-case basis.

Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.

Equal Employment Opportunities

We are committed to providing equal employment opportunities to all persons regardless of race, color, ancestry, citizenship, national origin, religion, veteran status, disability, genetic characteristic or information, age, gender, sexual orientation, gender identity, gender expression, marital status, family status, pregnancy, or other legally protected status (collectively, “protected statuses”). We do not tolerate unlawful discrimination in any employment decisions, including recruiting, hiring, compensation, promotion, benefits, discipline, termination, job assignments or training.

Disclaimer

The job responsibilities described above indicate the general nature and level of work performed by employees within this classification. It is not intended to include a comprehensive inventory of all duties and responsibilities for this job. Job duties and responsibilities are subject to change based on evolving business needs and conditions.

In any materials you submit, you may redact or remove age-identifying information such as age, date of birth, or dates of school attendance or graduation. You will not be penalized for redacting or removing this information.

Please be advised that Lumen does not require any form of payment from job applicants during the recruitment process. All legitimate job openings will be posted on our official website or communicated through official company email addresses. If you encounter any job offers that request payment in exchange for employment at Lumen, they are not for employment with us, but may relate to another company with a similar name.

Application Deadline

09/19/2025

Ready to be pushed beyond what you think you’re capable of?

At Coinbase, our mission is to increase economic freedom in the world. It’s a massive, ambitious opportunity that demands the best of us, every day, as we build the emerging onchain platform — and with it, the future global financial system.

To achieve our mission, we’re seeking a very specific candidate. We want someone who is passionate about our mission and who believes in the power of crypto and blockchain technology to update the financial system. We want someone who is eager to leave their mark on the world, who relishes the pressure and privilege of working with high caliber colleagues, and who actively seeks feedback to keep leveling up. We want someone who will run towards, not away from, solving the company’s hardest problems.

Our work culture is intense and isn’t for everyone. But if you want to build the future alongside others who excel in their disciplines and expect the same from you, there’s no better place to be.

While many roles at Coinbase are remote-first, we are not remote-only. In-person participation is required throughout the year. Team and company-wide offsites are held multiple times annually to foster collaboration, connection, and alignment. Attendance is expected and fully supported.

Coinbase Cloud Security (CloudSec) is looking for a Staff Security Engineer to enhance our network security across multiple cloud environments. This role involves leading the design, implementation, and continuous improvement of our security posture. You will leverage your extensive skills in WAF management, DDoS protection, network segmentation, and firewall policy management to enforce robust security measures while enabling developer efficiency.

What you’ll be doing (ie. job duties):

• Design, implement, and maintain network security controls across multi-cloud (AWS, GCP, etc.) and on-prem infrastructure

• Own and optimize Web Application Firewalls (WAF) and DDoS protection services for scalability and resilience.

• Enforce network segmentation and firewall rules that minimize blast radius without impairing productivity.

• Review configuration changes and write policies to detect security invariants.

• Drive continuous improvement of secure-by-default network patterns for developers.

• Write code for automations that support security requirements like threat detection, incident containment, and network access management.

• Partner with engineering teams to review network and routing architecture design changes.

What we look for in you (ie. job requirements):

• At least 8 years of experience in network security with deep expertise in AWS and cloud edge security experience.

• An ability to deploy cloud infrastructure with Terraform and to develop automations or guardrails with Golang.

• An execution-focused mindset, capable of navigating through ambiguity and delivering results.

• Your passion for building an open financial system that brings the world together drives you to excel in this role.

Nice to haves:

• Proficiency in crafting Rego rules for Open Policy Agent (OPA) or comparable policy-as-code solutions.

• Proven experience implementing AWS Network Firewall or GCP Cloud Firewall in large-scale production environments.

• Demonstrated expertise in managing Cloudflare.

• Experience with both GCP and/or on-premise infrastructure.

Position ID: P72327

#LI-Remote

Pay Transparency Notice: Depending on your work location, the target annual salary for this position can range as detailed below. Full time offers from Coinbase also include target bonus + target equity + benefits (including medical, dental, vision and 401(k)).

Pay Range:

$218,025—$256,500 USD

Please be advised that each candidate may submit a maximum of four applications within any 30-day period. We encourage you to carefully evaluate how your skills and interests align with Coinbase's roles before applying.

Commitment to Equal Opportunity

Coinbase is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, sex, gender expression or identity, sexual orientation or any other basis protected by applicable law. Coinbase will also consider for employment qualified applicants with criminal histories in a manner consistent with applicable federal, state and local law. For US applicants, you may view the Employee Rights and the Know Your Rights notices by clicking on their corresponding links. Additionally, Coinbase participates in the E-Verify program in certain locations, as required by law.

Coinbase is also committed to providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please contact us at accommodations(at)coinbase.com to let us know the nature of your request and your contact information. For quick access to screen reading technology compatible with this site click here to download a free compatible screen reader (free step by step tutorial can be found here).

Global Data Privacy Notice for Job Candidates and Applicants

Depending on your location, the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) may regulate the way we manage the data of job applicants. Our full notice outlining how data will be processed as part of the application procedure for applicable locations is available here. By submitting your application, you are agreeing to our use and processing of your data as required. For US applicants only, by submitting your application you are agreeing to arbitration of disputes as outlined here.

AI Disclosure

For select roles, Coinbase is piloting an AI tool based on machine learning technologies to conduct initial screening interviews to qualified applicants. The tool simulates realistic interview scenarios and engages in dynamic conversation. A human recruiter will review your interview responses, provided in the form of a voice recording and/or transcript, to assess them against the qualifications and characteristics outlined in the job description.

For select roles, Coinbase is also piloting an AI interview intelligence platform to transcribe and summarize interview notes, allowing our interviewers to fully focus on you as the candidate.

The above pilots are for testing purposes and Coinbase will not use AI to make decisions impacting employment . To request a reasonable accommodation due to disability, please contact accommodations(at)coinbase.com