All interviews

Coinbase

Mid

Lead behavioral threat assessment and protective intelligence casework for Coinbase's Security org

This role owns end-to-end threat case management for a region within Coinbase's Protective Intelligence program, running structured behavioral threat assessments and coordinating incident response across GSOC, Legal, HR/ER, and Executive Protection. The interview is built around real casework judgment: how you triage, assess, and communicate high-consequence, ambiguous threats without direct authority over the teams you're coordinating.

Step into this interview

Free · a live voice mock calibrated to this exact role

Practice this interview

What this interview tests

  • Structured behavioral threat assessment (WAVR-21/JACA/CTAP-25 style frameworks)
  • End-to-end threat case ownership
  • Cross-functional incident coordination without direct authority
  • Intelligence tooling and OSINT-driven casework
  • Executive-ready threat briefings

Common question themes

Walk me through a threat case you owned from intake to closure

How do you apply a structured behavioral assessment framework to decide escalation risk

Describe a time you were the intelligence lead during an active security incident

How do you drive a mitigation plan forward when Legal or HR disagrees with your risk read

How have you used case management or OSINT tooling to improve signal quality on a case

View the original posting