Coinbase
Mid
Lead behavioral threat assessment and protective intelligence casework for Coinbase's Security org
This role owns end-to-end threat case management for a region within Coinbase's Protective Intelligence program, running structured behavioral threat assessments and coordinating incident response across GSOC, Legal, HR/ER, and Executive Protection. The interview is built around real casework judgment: how you triage, assess, and communicate high-consequence, ambiguous threats without direct authority over the teams you're coordinating.
Step into this interview
Free · a live voice mock calibrated to this exact role
What this interview tests
- Structured behavioral threat assessment (WAVR-21/JACA/CTAP-25 style frameworks)
- End-to-end threat case ownership
- Cross-functional incident coordination without direct authority
- Intelligence tooling and OSINT-driven casework
- Executive-ready threat briefings
Common question themes
Walk me through a threat case you owned from intake to closure
How do you apply a structured behavioral assessment framework to decide escalation risk
Describe a time you were the intelligence lead during an active security incident
How do you drive a mitigation plan forward when Legal or HR disagrees with your risk read
How have you used case management or OSINT tooling to improve signal quality on a case