Privacy Analyst

Join Coinbase as a Privacy Analyst to manage privacy incidents, drive analysis, and improve response processes in a fast-paced environment. Competitive salary and remote work. Coinbase is a remote-first, but not remote-only company. Expect to get together quarterly for intense in-person working sessions called “surges.”

• •Own the end-to-end Privacy Incident Management program, including notification workflows, escalation paths, process documentation, responder enablement, and automation opportunities.
• •Lead privacy incident response as the DRI and Incident Commander, coordinating across Privacy, Privacy Legal, CSIRT, Product, Engineering, and Communications to drive analysis, remediation, and follow-through.
• •Maintain on-call readiness to support privacy incident triage, severity classification, and urgent escalations, ensuring incidents are correctly assessed and routed.
• •Drive privacy incident retrospectives, track resulting remediation items and control gaps, and deliver incident metrics and reporting covering trends, remediation status, and process health.
• •Build and maintain strong cross-functional and cross-geography stakeholder relationships to improve readiness, response quality, and business accountability.
• •Support broader Privacy initiatives during lower-volume periods, including cross-functional efforts, tooling development, and automation projects.

• •Base salary varies by location (see range below). Total compensation may also include equity and bonus eligibility, and benefits (medical, dental, vision, 401(k)).
• •Annual base salary range (excluding equity and bonus): $135,320 — $159,200 USD.

• •3+ years of experience in privacy, security, incident response, technology risk, or a related operational risk function, including direct experience leading or supporting incident, issue, or risk workflows requiring structured analysis, documentation, and cross-functional coordination.
• •Strong incident management skills with experience communicating privacy risk and incident findings to both technical and non-technical audiences, including producing written incident analyses, retrospective documentation, and executive-level summaries.
• •Proven track record of leading technical investigations within cloud-native architectures, with hands-on proficiency in SQL, Python, and data analysis tools (e.g., Postgres, MongoDB, Airflow, Looker, Snowflake).
• •Demonstrated experience building automation to reduce manual operational tasks and improve incident response efficiency.
• •Working knowledge of privacy regulations and frameworks (e.g., GDPR, CCPA, PIPEDA, ePrivacy, DPIAs/PIAs, ROPA, data subject rights) data subject rights, privacy controls, and privacy issue management.
• •Utilizes and builds generative AI responsibly, maintaining human oversight to deliver business-ready outputs and drive measurable improvements in workflow efficiency, cost, and quality.