Insider Threat Analyst

You'll join the Insider Threat team within Coinbase's Security Operations organization as an Insider Threat Analyst. This team protects billions of dollars in digital assets and the trust of millions of customers by detecting, investigating, and mitigating threats from inside the organization. You'll serve as the front line for insider threat detection, triaging alerts, conducting investigations, and partnering cross-functionally with Security, Legal, HR, and business teams to safeguard Coinbase as it scales globally.

What you'll do:

• Execute alert triage, correlation, and analysis across insider threat detection systems (SIEM, UBA, DLP, endpoint detection), prioritizing findings and escalating recommendations for investigation and mitigation.
• Support investigations end to end, from initial triage and evidence collection through employee interviews and stakeholder coordination, delivering clear documentation of findings, risk assessment, and recommended next steps.
• Partner with Security, Legal, HR, and business teams to design and execute processes that identify and mitigate insider risks, including abuse and misuse across company systems.
• Build case documentation and investigative reports that translate complex technical findings into concise, decision-ready briefs and assessments for leadership and cross-functional stakeholders.
• Drive improvements to insider threat detection by identifying recurring control gaps, refining alerting logic, and recommending scalable solutions that reduce insider risk across the organization.

Required Skills and Experience:

• 2+ years of experience in insider threat, security operations, investigations, fraud detection, or a closely related discipline, with hands-on use of insider threat technologies (SIEM, UBA, DLP, endpoint detection) and log analysis.
• Demon