Role in brief
Coinbase is hiring a Data Protection Engineer to build and scale data loss prevention capabilities, safeguarding its ecosystem from security threats. This role involves developing and maintaining DLP controls, automating processes with AI, and collaborating with various teams. Candidates with strong security engineering experience in DLP, insider threat, and AI-driven automation should apply.
About the role
This role focuses on implementing and scaling data loss prevention (DLP) capabilities to protect the Coinbase ecosystem from security threats. The work involves building and maintaining DLP controls across various operating systems and decentralized datasets, with a strong emphasis on tuning prevention measures to counter sophisticated data security incidents. Success in this position means effectively hardening Coinbase's security posture against evolving data threats and ensuring timely remediation of issues.
A key aspect of this position is driving automation within DLP engineering and operations. This includes leveraging large language models (LLMs), agentic AI, and an automation-first mindset to streamline workflows and expand data protection coverage. The engineer will also collaborate with cross-functional teams such as endpoint security, IT, engineering, product, compliance, and privacy to deploy technologies and support broader data protection initiatives.
The Data Protection Engineer will be responsible for monitoring and reporting on metrics, providing quantitative and qualitative assessments of programmatic impact, control effectiveness, and emerging risks to leadership. This includes supporting the long-term data protection strategy by working with risk teams, measuring control effectiveness, and adapting to changes in global laws and regulations.
The annual base salary for this position ranges from $144,500 to $170,000 USD, with total compensation potentially including equity, bonus eligibility, and benefits.
Skills that matter here
- DLP: The role requires direct, hands-on experience in implementing and operating enterprise data loss prevention programs, including testing and deploying controls.
- security engineering: Candidates need a background in security engineering, specifically in building and maintaining security controls to protect against data threats.
- ML: Proficiency in leveraging machine learning and AI tools is essential for automating security processes and maximizing operational efficiency in DLP.
- AI: The role involves using agentic AI and LLMs to streamline workflows and scale data protection coverage, requiring responsible application of generative AI.
- SIEM: Experience with Security Information and Event Management (SIEM) systems is necessary for building and operating data protection technologies.
- UBA: Candidates should have demonstrated experience with User Behavior Analytics (UBA) as part of their background in insider threat and data protection.
Who this role suits
- A person who thrives on building and maintaining robust security controls in a dynamic environment.
- Someone with a strong automation-first mindset, eager to integrate AI and machine learning into security operations.
- An individual who excels at cross-functional collaboration and can effectively communicate complex security findings to various stakeholders.
- A professional who understands the insider threat landscape and the regulatory aspects of handling sensitive data globally.
From the employer
What you’ll be doing:
- Build and maintain DLP controls and tooling across multiple OS environments (iOS, Chrome) and decentralized datasets, implementing and tuning prevention capabilities that protect against sophisticated data security incidents.
- Drive automation across DLP engineering and operations by leveraging LLMs, agentic AI, and an automation-first mindset to streamline workflows, reduce manual effort, and scale data protection coverage.
- Partner with cross-functional teams, including endpoint security, IT, engineering, product, compliance, and privacy, to deploy data protection technologies, ensure timely remediation, and support cross-functional data protection initiatives.
- Execute monitoring and metrics reporting by producing quantitative and qualitative measures of programmatic impact, control effectiveness, and emerging risk to keep Data Protection leadership informed of challenges and progress.
- Support the long-term data protection strategy by working with risk teams to measure control effectiveness, address changes in global laws and regulations, and harden Coinbase's security posture against evolving data threats.
What we look for in you:
- 3+ years of security engineering experience with direct, hands-on implementation of enterprise DLP programs, including testing, tuning, and deploying data prevention controls across multiple OS environments and decentralized datasets.
- Demonstrated experience building and operating insider threat and data protection technologies (SIEM, UBA, DLP, endpoint detection), with an understanding of the investigation and intelligence lifecycle.
- Proficiency in creating scalable, automated security processes, with practical experience leveraging ML/AI tooling to maximize operational efficiency across DLP engineering and operations.
- Working knowledge of the insider threat landscape and the legal, regulatory, and ethical considerations of handling sensitive data across a global enterprise, with the ability to communicate findings clearly through briefs and assessments for leadership.
- Utilizes generative AI responsibly, maintaining human oversight to deliver business-ready outputs and drive measurable improvements in workflow efficiency, cost, and quality.
Pay Transparency Notice:
- Base salary varies by location (see range below). Total compensation may also include equity and bonus eligibility, and benefits (medical, dental, vision, 401(k)). Annual base salary range (excluding equity and bonus): $144,500—$170,000 USD.
- Coinbase is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, sex, gender expression or identity, sexual orientation or any other basis protected by applicable law.
Questions about this role
What is the remote work policy for this role?
This is a remote-first position, but the company expects quarterly in-person working sessions called “surges.”
What level of experience is required for this position?
The role requires at least 3 years of security engineering experience, specifically with direct implementation of enterprise DLP programs.
What are the core skills needed for this role?
Key skills include DLP, security engineering, ML/AI for automation, SIEM, UBA, and endpoint detection, along with an understanding of the insider threat landscape.