The Security Programs team aims to be "cohesive tissue" for critical initiatives, acting as a strategic partner to the Security team and broader business to drive security outcomes. We provide an objective view of cross-functional initiatives, helping leaders across the organisation prioritise resources effectively to mitigate risk. Our team, comprised of Project Managers, Program Managers, and Technical Program Managers, works cross-functionally to maintain Coinbase’s "Most Trusted" brand by driving Security initiatives that protect Coinbase and our customers. This role will focus on ensuring security commitments are maintained while enhancing the overall security programme for an acquired business with the goal of long-term integration with Coinbase’s global entity.

What you’ll be doing:

• Support continued execution of acquired company security initiatives and commitments including, for example, maintaining SOC 2 compliance.
• Understand and ensure compliance with applicable regulatory framework requirements including but not limited to MiCA, DORA, GDPR; collaborating cross-functionally to develop a plan to mitigate any gaps/findings.
• Identifying opportunities for improvement and implementing/optimising existing processes and procedures within the current security programme.
• Developing a plan for long-term consolidation of security capabilities between Coinbase global entity and acquired companies including, for example, aligning cross-functional stakeholders on which domains will converge versus be locally maintained.
• Understanding established security processes at the global entity level where appropriate; create and execute a plan to enhance acquired company policies and procedures for seamless integration into global paved roads.
• Collaborate with cross-functional teams and Security partners to document opportunities, challenges, and risks related to security integration of acquired companies.
• Support the execution and delivery of cross-functional security integration projects with multiple dependencies and constraints.
• Work closely with integration leads and cross-functional teams to ensure buy-in and adoption of critical security initiatives.
• Rapidly identify and escalate security integration risks to enable proactive collaboration and timely resolution.
• Provide program status updates to Security leadership and M&A stakeholders, ensuring transparency on key metrics and program effectiveness during integration.
• Concurrently manage multiple critical projects related to entity integration, including establishing and updating milestones, risks, and timelines.
• Understand the current state of various cross-functional integration workstreams and their dependencies.
• Hold teams accountable for deliverable quality and completeness within integration projects.
• Clearly assess and communicate the impact of integration delays to the overall project timeline.

What we look for in you (ie. job requirements):

• 5+ years experience as a program manager or related discipline.
• 5+ years of experience in security, risk management, compliance, information systems or other relevant fields.
• Thrives in a hybrid work environment; this role is expected to work in person in Amsterdam multiple days per week.
• Native-level fluency in English, with proven ability to translate complex security and risk concepts for a predominantly U.S.-based leadership and engineering audience.
• Proven track record in a highly regulated ecosystem such as FinTech, payments or financial services
• Deep familiarity with EMEA frameworks (MiCA, DORA, BAIT, GDPR) and experience implementing cyber/security frameworks (NIST CSF, SOC2, ISO27001).
• Strong understanding and proven experience of formal program management methodologies.
• Working knowledge of and experience in the cyber/security domain.
• Exceptional skills in time management, facilitation, communication, and organisation.
• Organized, detail oriented, self-driven, and comfortable handling complex situations that require navigating ambiguity.
• Strong written and verbal communication skills with a track record of communicating at all levels involving both technical and non-technical teams/stakeholders.
• Strong ability to design straightforward processes that flex to solve novel challenges and evolving regulations
• Excellent at distilling complex security risks into clear, concise updates for both technical teams and C-level stakeholders
• Comfortable working in a distributed, multi-cultural environment across EMEA

Nice to haves:

• Experience building out a globally compliant, regulated Security program.
• Professional certification such as PMP, CISSP and CISA is a plus.
• Experience leveraging automation or AI to accelerate programme delivery.
• Experience or participation in the cryptocurrency industry.
• Comprehensive understanding of security domains, processes, risks and controls.
• Experience working in a high security and/or highly regulated industry.

Job #: P73191