CX Security Program Manager

Ready to be pushed beyond what you think youu2019re capable of? At Coinbase, our mission is to increase economic freedom in the world. Itu2019s a massive, ambitious opportunity that demands the best of us, every day, as we build the emerging onchain platform u2014 and with it, the future global financial system. To achieve our mission, weu2019re seeking a very specific candidate. We want someone who is passionate about our mission and who believes in the power of crypto and blockchain technology to update the financial system. We want someone who is eager to leave their mark on the world, who relishes the pressure and privilege of working with high caliber colleagues, and who actively seeks feedback to keep leveling up. We want someone who will run towards, not away from, solving the companyu2019s hardest problems. Our [work culture](is intense and isnu2019t for everyone. But if you want to build the future alongside others who excel in their disciplines and expect the same from you, thereu2019s no better place to be. While many roles at Coinbase are remote-first, we are not remote-only. In-person participation is required throughout the year. Team and company-wide offsites are held multiple times annually to foster collaboration, connection, and alignment. Attendance is expected and fully supported. As part of the Customer Experience organization, the Vendor Governance & Site Operations (VGSO) team is responsible for Customer Experience vendor strategy, thirdu2011party and captive site lifecycle governance, security compliance standards, and financial cohesion across the CX organization. This CX Security Program Manager will own CXu2019s security and access governance programs across our BPO network, CX hubs, and COE sites, with a primary focus on strengthening technology access controls, standardizing security review processes for CX tools, and tightening vendor security controls in close partnership with Security, IT, Enterprise Applications, and Vendor Management teams. What youu2019ll be doing: Own the CX security & access governance program across Consumer and Compliance operations, spanning physical security protocols, logical access controls, and sensitive workflow protections for BPOs, COEs, and CX Hubs. Program manage CXu2011wide access governance initiatives endu2011tou2011end: drive the multiu2011quarter roadmap, requirements, and implementation plan to standardize how FTE, CTR, and BPO access is requested, evaluated, approved, and monitored across all CX tools, in partnership with IT Solution Engineering, Enterprise Applications, IAM, Security, and People teams. Lead CX security risk review processes for new and existing tools: establish repeatable intake, triage, and tracking mechanisms for exception and deviation requests across the CX team; partner with Security and CX leadership on calibration, prioritization, and remediation plans; and ensure review outcomes are reflected in access controls, site standards, and vendor contracts where applicable. Scale BPO security governance frameworks by owning the roadmap and execution for security attestation and audit processes, and developing scalable mechanisms to track, review, and resolve security deviations and exception requests, in partnership with Physical Security and Vendor Management. Maintain device governance standards for CX BPOs, including CXu2019s standardized device lifecycle procedures for BPO endpoints, ensuring that enrollment, inventory, offboarding, and device movement controls are consistently applied across all CX BPO sites in alignment with IT and Physical Security standards. Build and maintain central CX security & access inventories (e.g., accessu2011control matrices, security review trackers, vendor security posture views) that connect sites, roles, tools, and entitlements, enabling faster impact analysis, access reviews, and audit responses. Drive crossu2011functional program management and stakeholder alignment: Run working groups and steering forums across Security, IT, Enterprise Applications, VM, Operations, WFM, and People teams. Translate policy and control requirements into pragmatic implementation plans and changeu2011management for CX operations and vendor partners. Continuously improve security processes and playbooks (e.g., BPO site launch playbooks, termination/rampu2011down playbooks, security exception workflows), using lessons from incidents, audits, and vendor findings to refine controls, documentation, and training materials. What we look for in you: 7+ years of experience in program management, technical program management, security, IT, or risk management roles, ideally within a global CX, BPO, or fintech/financial services organization. Proven track record leading complex, crossu2011functional security or accessu2011governance programs (e.g., IAM / LDAP group models, MDM/endpoint standards, security monitoring programs, or largeu2011scale tooling rollouts) from design through implementation and steady state. Deep familiarity with vendor/BPO environments and the interplay between physical security requirements, logical access controls, device standards, and operational processes at thirdu2011party sites. Strong stakeholder management and communication skills, with demonstrated experience partnering closely with Security, IT, Enterprise Applications, Vendor Management, Operations, and Finance to drive alignment and execution across competing priorities. Comfort working with technical and nonu2011technical stakeholders: you can translate security policies and architectural choices into clear requirements, workflows, and SOPs for CX teams and vendors, and youu2019re comfortable discussing tradeu2011offs with IAM and engineering partners. Experience building and maintaining governance mechanisms (RACI, intake processes, approval models, trackers, playbooks) that improve clarity, speed, and auditability across distributed teams. Strong analytical and problemu2011solving skills, including the ability to interpret risk assessments, security findings, and operational data to prioritize mitigations and measure program effectiveness. Excellent written communication skills, with experience writing process documents, playbooks, vendor guidance, and leadershipu2011ready updates on risk posture and program status. Proficiency with productivity and collaboration tools (e.g., G Suite, Jira, Asana, Salesforce or other case tools), and comfort learning new internal identity, access management, and vendor tracking systems. Nice to haves: Prior experience owning security programs in a BPO or contactu2011center context (e.g., site productionu2011zone standards, vendor risk assessments, or security audit programs). Experience working directly with or within Security, IAM, or Risk organizations, especially on technology risk reviews, vendor risk management, or audit remediation programs. Familiarity with crypto, fintech, or other highly regulated environments, and comfort working under evolving regulatory expectations around thirdu2011party risk, data protection, and operational resilience. Requirements: Demonstrates the ability to responsibly use generative AI tools and copilots (e.g., LibreChat, Gemini, Glean) in daily workflows, continuously learn as tools evolve, and apply humanu2011inu2011theu2011loop practices to deliver businessu2011ready outputs and drive measurable improvements in efficiency, cost, and quality. Job ID: 76298 Pay Transparency Notice: Depending on your work location, the target annual base salary for this position can range as detailed below. Total compensation may also include equity and bonus eligibility and benefits (including medical, dental, vision and 401(k)). Annual base salary range (excluding equity and bonus): $166,345u2014$195,700 USD Please be advised that each candidate may submit a maximum of four applications within any 30-day period. We encourage you to carefully evaluate how your skills and interests align with Coinbase's roles before applying. Commitment to Equal Opportunity Coinbase is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, sex, gender expression or identity, sexual orientation or any other basis protected by applicable law. Coinbase will also consider for employment qualified applicants with criminal histories in a manner consistent with applicable federal, state and local law. For US applicants, you may view the [Employee Rights](and the [Know Your Rights notices](by clicking on their corresponding links. Additionally, Coinbase participates in the [E-Verify program](in certain locations, as required by law. Coinbase is also committed to providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please contact us at accommodations[at] to let us know the nature of your request and your contact information. For quick access to screen reading technology compatible with this site[ click here to download](a free compatible screen reader[ (free step by step tutorial can be found here)]( Global Data Privacy Notice for Job Candidates and Applicants Depending on your location, the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) may regulate the way we manage the data of job applicants. Our full notice outlining how data will be processed as part of the application procedure for applicable locations is available [here](By submitting your application, you are agreeing to our use and processing of your data as required. For US applicants only, by submitting your application you are agreeing to arbitration of disputes as outlined [here.]( AI Disclosure For select roles, Coinbase is piloting an AI tool based on machine learning technologies to conduct initial screening interviews to qualified applicants. The tool simulates realistic interview scenarios and engages in dynamic conversation. A human recruiter will review your interview responses, provided in the form of a voice recording and/or transcript, to assess them against the qualifications and characteristics outlined in the job description. For select roles, Coinbase is also piloting an AI interview intelligence platform to transcribe and summarize interview notes, allowing our interviewers to fully focus on you as the candidate. The above pilots are for testing purposes and Coinbase will not use AI to make decisions impacting employment. To request a reasonable accommodation due to disability, please contact accommodations[at]

Created: 2026-03-12