Principal Data Leakage Prevention & Privacy Architect

Summary

Join BitMEX as a Principal Data Leakage Prevention & Privacy Architect and play a critical role in safeguarding sensitive data. This remote position, based in the Asia Pacific region, requires expertise in designing and implementing multi-layered PII detection systems, leveraging NLP and ML for contextual PII identification, and developing a comprehensive PII data map. You will also be responsible for developing and refining threat detection rules, architecting secure data handling practices, investigating and remediating data security incidents, and enhancing the overall data security posture. The ideal candidate possesses 12+ years of experience in data security, privacy architecture, and detection engineering, with a strong focus on PII and incident response. This role demands a proactive approach to mitigating data leakage risks and contributing to a culture of data privacy.

Requirements

• 12+ years of experience in highly technical data security, privacy architecture, and detection engineering roles, with a strong focus on PII and a demonstrable experience leading incident response efforts for PII breaches, including forensic investigation techniques and root cause analysis
• Deep expertise in data leakage prevention (DLP) and data privacy principles, regulations (e.g., GDPR, CCPA), and industry best practices
• Extensive hands-on SOAR experience : Past experience with Splunk scaling security monitoring, alert generation, and incident investigation. Experience with Security Orchestration, Automation, and Response platforms to automate DLP incident workflows, threat hunting, and response actions
• Proficiency with cloud data warehousing solutions , particularly Redshift , and an understanding of securing data within such environments
• Demonstrable experience with encryption standards , including AES 128/256 , and their application to sensitive data and identifiers
• Strong understanding of unique identifier systems , especially UUIDv7 , their generation, implementation, and the associated security considerations
• Experience leveraging AI/ML models , including light model LLMs, for enhanced detection capabilities and false positive reduction
• Proven track record of driving complex technical projects from conception to successful implementation, with strong project management skills
• Excellent communication, coordination, and interpersonal skills, with the ability to articulate complex technical and privacy concepts to diverse audiences
• Highly responsible, detail-oriented, proactive, and capable of working independently with minimal supervision in a fast-paced environment

Responsibilities

• Architect and implement multi-layered PII detection systems : Design and deploy advanced PII detection mechanisms using a combination of rule-based detection (Regex, checksums), machine learning (NER, contextual analysis with LLMs), and Exact Data Matching (EDM) to significantly reduce false positives and enhance accuracy
• Leverage NLP and ML for contextual PII identification : Utilize Natural Language Processing (NLP) tools and machine learning models(e.g Hugging Face Transformers) to understand the semantic context of data, distinguish PII from non-PII based on surrounding text, and identify new or nuanced PII types
• Develop and maintain a comprehensive PII data map : Implement strategies for data lineage and data flow analysis to track where PII originates, moves, and resides across all systems (databases, applications, logs, cloud storage), creating a real-time, accurate inventory of sensitive data to inform security and compliance efforts
• Develop and refine threat detection rules : Utilize platforms like Splunk to proactively identify and alert on potential data leakage incidents, with a specific focus on PII
• Architect secure data handling practices : Drive the consolidation of PII into a target data model, working towards having a single source of truth for all our PII
• Investigate and remediate data security incidents : Conduct thorough investigations into potential data exfiltration events
• Enhance data security posture : Assess and improve our overall security posture for PII, including recommending enhancements to network segmentation, IAM, and RDS configurations
• Implement robust encryption strategies : Architect and oversee the implementation of encryption solutions, including AES encryption for sensitive identifiers like UUIDv7, especially for external sharing

Benefits

• Work from home to help you find the perfect balance between work, family and personal life
• Paid holidays and leave so you won’t miss out any important events
• Team building & offsite events to bring our global team closer
• Don’t forget the advantage of our Beyond Border Remote Working policy, where you get to work away from your home country
• Option to choose to be paid in fiat or crypto currency, providing the flexibility to shape your financial freedom