Principal International Security GRC Analyst

## What you’ll be doing: Support ongoing International security and technology activities and facilitate company growth / expansion into new regulated jurisdictions across APAC. Lead and drive continuous improvement on service management of critical outsourced services providers including SLA reporting on Technology, Security and Data services Establish and execute quarterly, annual security GRC objectives for Coinbase APAC and develop and execute program maturity models for continuous program improvements. Monitor evolution and changes in APAC and international security standards and guidance, advise team and stakeholders on impact Drive compliance against technology regulatory requirements Serve as one of the primary security touchpoints with APAC regulatory bodies Lead product launch reviews focusing on technology and security requirements and associated risks Lead APAC technology risk assessments , manage risk treatment and monitor and report outcomes to APAC entities Partner with your global Security colleagues to create culture change and ensure security best practices company wide are reflected in Coinbase US and International activities Partner with and provide regional support to Security Engineering teams ## What we look for in you: 10+ years of experience in security or technology governance, risk, or compliance with experience leading and/or building a team of full time employees and when required contractor support. 4+ years of experience working within Financial Services or FinTech Experience working within Cloud native environment 2+ years of experience within a Security Architecture or Engineering role Track record of implementing security standards or frameworks including at least two of the following:, ISO 27001, NIST CSF, NIST 800-53 Experience in reporting technology and security posture to senior stakeholders Prior experience working closely with auditors and external regulators Prior experience navigating ambiguity and are energised by bringing order to lots of moving parts Prior experience partnering with cross-functional teams: Product Engineering, Enterprise Risk, Legal, Data Governance, Customer Experience and Compliance, Previous experience working with various global sites to implement coordinated efforts. Outstanding communication and writing skills that enable you to proactively build relationships, inform others, and clearly explain security requirements to any team ## Nice to haves: You have a relevant BA/BS degree in a technical field or equivalent experience One of more of the following certifications: CISSP, CISM, CISA, CRISC, or other relevant certifications Experience working with global regulators Prior experience managing Security Engineering or Operations teams Experience working within a CI/CD environment and exposure to DevSecOps Apply tot his job