Senior Manager, Technology Risk

About The Position

Requirements

• 10+ years of experience in a 1 or 2 LoD risk management function and/or Governance, Risk, and Compliance organization.
• Experience working across both 1 and 2 LoD in highly technical domains or technical roles.
• Demonstrable outcomes working with highly technical teams, such as engineering organizations.
• Ability to leverage risk to enable business outcomes rather than just compliance.
• Technology risk domain knowledge, including technical quantitative risk assessments.
• Familiarity with standards and frameworks like ISO 27001/5, NIST CSF, COBIT, ITIL, DORA, and FAIR.
• Clear and concise communication skills, with experience drafting project plans and documenting deliverables.
• Comfortable with project management tools like Jira and Archer, with excellent organization skills.
• Experience managing and mentoring analysts to grow their capabilities.
• Ability to navigate ambiguity and complexity while managing multiple assessments.
• Drive for continuous learning and willingness to embrace new challenges.

Nice To Haves

• Experience supporting risk management in the Technology or FinTech industries.
• Coding knowledge is a plus, but not a requirement.
• Working knowledge of major regulatory/legal frameworks driving requirements across technology organizations.
• Strong knowledge of risk/control issues related to evolving technology such as crypto and cloud.
• Certification in information security risk management qualifications like CRISC, CISA, CISSP, CISM, and FAIR.
• Demonstrated knowledge of crypto/blockchain/web3.

Responsibilities

• Enable risk informed business outcomes by clearly communicating quantitative and qualitative tradeoffs.
• Serve as a true technical partner and sounding board for engineering teams regarding risk quantification and mitigation plans.
• Build, grow, and coach a team of technology and security risk analysts, fostering a culture of agility and innovation.
• Manage risks throughout the risk lifecycle, including intake, triage, analysis, and calculation of inherent/residual risk.
• Maintain a source of truth risk register, ensuring quality control of data and implementing process improvements.
• Iterate on program elements to inform improvements to threat models and risk scoring methodologies.
• Support reporting on risk posture, including findings, metrics, and recommended mitigations to business leadership.
• Develop and maintain communication and training plans for the technology risk program across the organization.
• Align with Enterprise Risk Management to escalate risks and report relevant metrics to senior leadership.
• Collaborate with stakeholders to scale the program’s risk framework across Coinbase entities and products.
• Support audit and regulatory inspections by compiling data for inquiries.
• Maintain awareness of international regulation, emerging threats, forecasts, policies, and benchmarks.

Benefits

• Medical, dental, and vision insurance.
• 401(k) plan with company matching.
• Bonus eligibility and equity eligibility.