Senior Analyst, International Tech Risk & Controls

We’re looking for a 2nd line of defense Technology Risk & Controls Analyst to join the Coinbase Germany team. This role is pivotal in safeguarding our organization against technological and cybersecurity risks by conducting risk assessments and control evaluation. The ideal candidate will have a deep understanding of technology frameworks, risk management, and regulatory compliance, and enjoys working cross functionally to analyze and mitigate risk.

What you’ll be doing (ie. job duties):

• Conduct comprehensive second line assessments of technology risks, ensuring alignment with organizational risk appetite and regulatory requirements.
• Advise on control design and evaluate existing controls and processes to identify potential vulnerabilities and recommend improvements.
• Review and assess the effectiveness of control measures implemented by the 1st Line of Defense (operational management) and the global business. 
• Develop and monitor key risk indicators (KRIs) and control metrics to ensure ongoing risk management and compliance.
• Create/update technology policies and standards that ensure compliance with laws, regulations, and industry standards
• Collaborate with product, engineering, and cybersecurity teams to enhance incident detection and response capabilities.
• Prepare management committee materials (operation and/or risk oversight committee, board)
• Prepare and maintain documentation for regulatory reporting and internal audits.
• Prepare and present risk and control reports to senior management and stakeholders.
• Communicate findings and recommendations effectively to various audiences, including technical and non-technical personnel.
• Propose and implement improvements to risk management processes and control frameworks.

What we look for in you (ie. job requirements):

• 5+ years of experience in technology governance, risk, and or compliance. 
• Experience working with technology standards or frameworks such as ITIL, COBIT, NIST, BAIT
• Strong understanding of risk management principles
• Experience working on remediation projects (new regulation, audit findings)
• Enjoy solving hard problems and can turn incomplete, conflicting, or ambiguous inputs into action plans
• Previous experience working on global programs to implement coordinated efforts
• Experience working within cloud native environments 
• Ability to leverage data to inform critical decisions and make recommendations
• Prior experience working with auditors
• Able to manage multiple stakeholders and priorities simultaneously

Nice to haves:

• Fluency in German
• Experience working with regulators
• Experience working within Financial Services or FinTech
• Prior crypto experience and a demonstrated interest in cryptocurrencies and blockchain technologies 

P61099

#LI-Remote