BitMEX is hiring a
Senior IT Security Engineer

Summary

Join us, as we build a thriving cryptocurrency ecosystem through strategic investments in emerging cryptocurrency technology, and create the future of digital financial services.

Requirements

• Bachelor's degree in Computer Science, Information Technology, or a related field, or equivalent work experience
• 14+ years of relevant experience, with at least 8+ years in advanced IT, DevOps, or Security Engineering roles
• Experience with SSO/IAM Solutions: Proven experience implementing and managing Single Sign-On (SSO) and Identity and Access Management (IAM) solutions such as Okta or EntraID, including familiarity with protocols like SAML, OIDC, and SCIM
• Security Technologies Expertise: Strong experience with security technologies and concepts such as Endpoint Detection and Response (EDR), Data Loss Prevention (DLP), VPN/Proxy services, and logging mechanisms
• Cloud Platform and Container Experience: Hands-on experience with cloud platforms such as Amazon Web Services (AWS) and Google Cloud Platform (GCP), along with Kubernetes, including knowledge of best practices for securing cloud and container infrastructure
• Experience with MDM Platforms: Proficient in using JAMF and/or other similar Mobile Device Management platforms for macOS and iOS device management
• Network Fundamentals: Solid understanding of TCP/IP, routing, DNS, VPNs, and network Access Control Lists (ACLs)
• Programming and Automation Skills: Proficiency in programming and infrastructure automation tools like Terraform, Ansible, Bash, Python, etc., with experience in converting manual workflows into automated, code-driven processes (e.g., GitOps workflows)
• Independent Worker: Ability to work independently in a remote environment with a proactive and self-motivated mindset
• Strong Communication Skills: Excellent communication, problem-solving, and customer service abilities
• Collaboration Skills: Ability to work collaboratively with cross-functional teams to address security vulnerabilities

Responsibilities

• Maintain and Improve SaaS Applications: Ensure the functionality and security of critical SaaS applications by configuring, supporting, and troubleshooting them
• Harden Platforms and Endpoints: Implement best practices for hardening cloud platforms and endpoint environments to protect against security threats
• Automate Lifecycle Management: Enhance and automate employee lifecycle management processes within our identity and access management solutions, ensuring efficient onboarding, offboarding, and access provisioning
• Review and Optimize Network Security: Assess and improve existing network Access Control Lists (ACLs) and security groups within cloud platforms (e.g., AWS, GCP) to strengthen network security and protect against unauthorized access
• Streamline Operational Workflows: Convert manual operational workflows into automated, code-driven processes (e.g., GitOps workflows) to increase efficiency, reduce errors, and improve scalability
• Administer User Accounts and Policies: Manage user accounts and enforce security policies across various systems to meet organizational security objectives and compliance requirements
• Collaborate on Security Initiatives: Work with cross-functional teams to proactively identify and address potential security vulnerabilities, contributing to the overall security posture of the organization
• Support Compliance Audits: Conduct regular audits of SaaS applications and cloud environments to ensure compliance with industry standards and regulatory requirements
• Provide Remote IT Support: Offer support and troubleshooting for IT and security issues in a remote work environment, ensuring minimal downtime and optimal productivity for team members
• Research and Implement Technologies: Evaluate and deploy new technologies and software applications to enhance security and efficiency across existing systems, staying current with industry trends and innovations
• Develop Technical Documentation: Create and maintain technical documentation, knowledge base articles, and training materials for both technical teams and end-users to facilitate knowledge sharing and education