Staff Security Engineer, Network Security

Coinbase Cloud Security Staff Security Engineer

Ready to be pushed beyond what you think you're capable of? At Coinbase, our mission is to increase economic freedom in the world. It's a massive, ambitious opportunity that demands the best of us, every day, as we build the emerging onchain platform — and with it, the future global financial system. To achieve our mission, we're seeking a very specific candidate. We want someone who is passionate about our mission and who believes in the power of crypto and blockchain technology to update the financial system. We want someone who is eager to leave their mark on the world, who relishes the pressure and privilege of working with high caliber colleagues, and who actively seeks feedback to keep leveling up. We want someone who will run towards, not away from, solving the company's hardest problems. Our work culture is intense and isn't for everyone. But if you want to build the future alongside others who excel in their disciplines and expect the same from you, there's no better place to be. While many roles at Coinbase are remote-first, we are not remote-only. In-person participation is required throughout the year. Team and company-wide offsites are held multiple times annually to foster collaboration, connection, and alignment. Attendance is expected and fully supported.

Coinbase Cloud Security (CloudSec) is looking for a Staff Security Engineer to enhance our network security across multiple cloud environments. This role involves leading the design, implementation, and continuous improvement of our security posture. You will leverage your extensive skills in WAF management, DDoS protection, network segmentation, and firewall policy management to enforce robust security measures while enabling developer efficiency.

Job Duties

Design, implement, and maintain network security controls across multi-cloud (AWS, GCP, etc.) and on-prem infrastructure

Own and optimize Web Application Firewalls (WAF) and DDoS protection services for scalability and resilience.

Enforce network segmentation and firewall rules that minimize blast radius without impairing productivity.

Review configuration changes and write policies to detect security invariants.

Drive continuous improvement of secure-by-default network patterns for developers.

Write code for automations that support security requirements like threat detection, incident containment, and network access management.

Partner with engineering teams to review network and routing architecture design changes.

Job Requirements

At least 8 years of experience in network security with deep expertise in AWS and cloud edge security experience.

An ability to deploy cloud infrastructure with Terraform and to develop automations or guardrails with Golang.

An execution-focused mindset, capable of navigating through ambiguity and delivering results.

Your passion for building an open financial system that brings the world together drives you to excel in this role.

Nice To Haves

Proficiency in crafting Rego rules for Open Policy Agent (OPA) or comparable policy-as-code solutions.

Proven experience implementing AWS Network Firewall or GCP Cloud Firewall in large-scale production environments.

Demonstrated expertise in managing Cloudflare.

Experience with both GCP and/or on-premise infrastructure.

Pay Transparency Notice: Depending on your work location, the target annual salary for this position can range as detailed below. Full time offers from Coinbase also include target bonus + target equity + benefits (including medical, dental, vision and 401(k)). Pay Range: $218,025—$256,500 USD