Insider Threat Analyst

Remote $68k–$112k 22 days ago full-time quality 8.3/10

Role in brief

Coinbase is hiring an Insider Threat Analyst to safeguard digital assets and customer trust. This remote role involves triaging alerts, conducting investigations, and improving detection systems to mitigate insider risks. Candidates with experience in security operations and investigations, who can translate technical findings into actionable recommendations, should apply.

SIEMUBADLPendpoint detectioninvestigationsfraud detection

About the role

This role focuses on protecting Coinbase from internal threats by managing detection systems and conducting investigations. The analyst will perform alert triage, correlate data from various security tools like SIEM, UBA, DLP, and endpoint detection, and support the entire investigative process from initial evidence collection to employee interviews and stakeholder coordination. The work involves a continuous cycle of identifying potential risks and responding to them.

A key aspect of this position is collaborating with internal partners such as Security, Legal, HR, and other business units. The analyst will help design and implement processes aimed at identifying and reducing insider risks. This requires the ability to document cases and create investigative reports that clearly communicate complex technical findings to a non-technical audience, enabling informed decision-making.

Success in this role means not only responding to immediate threats but also proactively enhancing the insider threat program. The analyst will be responsible for identifying recurring gaps in existing controls and proposing scalable solutions to improve detection capabilities. This involves a commitment to continuous improvement and a deep understanding of the evolving insider threat landscape.

The base salary for this role ranges from $68,000 to $112,000, with total compensation potentially including equity, bonus eligibility, and benefits.

Skills that matter here

  • SIEM: This tool is used for executing alert triage and correlation within insider threat detection systems.
  • UBA: This technology is applied for alert triage and correlation to identify potential insider threats.
  • DLP: This skill is essential for triaging and correlating alerts from data loss prevention systems.
  • endpoint detection: This involves using endpoint detection systems for alert triage and correlation activities.
  • investigations: The role requires supporting end-to-end investigations, from evidence collection to stakeholder coordination.
  • fraud detection: This skill is relevant for identifying and mitigating various forms of insider risk.

Who this role suits

  • A candidate with at least three years of experience in insider threat, security operations, or investigations.
  • Someone who has experience conducting or supporting sensitive employee-related investigations.
  • An individual capable of translating complex security issues into clear, actionable advice.
  • A professional with knowledge of the insider threat landscape, including legal and ethical considerations.

From the employer

What you’ll be doing:

  • Execute alert triage, correlation, and analysis across insider threat detection systems (SIEM, UBA, DLP, endpoint detection).
  • Support investigations end to end, from initial triage and evidence collection through employee interviews and stakeholder coordination.
  • Partner with Security, Legal, HR, and business teams to design and execute processes that identify and mitigate insider risks.
  • Build case documentation and investigative reports that translate complex technical findings into concise, decision-ready briefs.
  • Drive improvements to insider threat detection by identifying recurring control gaps and recommending scalable solutions.

What we look for in you:

  • 3+ years of experience in insider threat, security operations, investigations, or a closely related discipline.
  • Demonstrated experience conducting or supporting investigations involving sensitive employee matters.
  • Proven ability to translate complex security problems into clear, actionable recommendations.
  • Working knowledge of the insider threat landscape, including legal, regulatory, and ethical considerations.
  • Utilizes generative AI responsibly, maintaining human oversight.

What we offer:

  • Base salary range: $68K - $112K.
  • Total compensation may also include equity and bonus eligibility, and benefits (medical, dental, vision, 401(k)).

Questions about this role

What is the remote work policy for this role?

This position is fully remote.

What experience level is required for this role?

Candidates should have at least three years of experience in insider threat, security operations, investigations, or a related field.

What security tools will I be using?

You will be working with tools such as SIEM, UBA, DLP, and endpoint detection systems.

Similar jobs

Before you apply

  • Legitimate employers never ask you to pay anything to apply or get hired.
  • Never share seed phrases or private keys. No real job needs them.
  • Do not install software ("test tasks", "trading tools", "video call clients") sent during hiring.
  • Check that the application page's domain really belongs to Coinbase.