BitMEX
Welcome to BitMEX, the most advanced crypto trading platform for Bitcoin. Home to the Perpetual Swap, industry-leading security, up to 100x leverage, and a 100% verified customer base.
BitMEX is the world’s leading cryptocurrency derivatives trading platform, which has pioneered cryptocurrency trading through relentless commitment to change, and continues to set benchmarks for innovation, liquidity, and security today.
As the world's most advanced peer-to-peer crypto-products trading platform and API, BitMEX gives knowledge, confidence, and precision to hundreds of thousands of traders, transacting billions of USD a day.
Role Overview
We are seeking a Senior IT Security Engineer who is proactive, self-motivated, and capable of working independently in a remote environment. As a key member of our corporate IT and Security team, you will be responsible for configuring, supporting, and troubleshooting various IT and Security SaaS platforms. Your role will involve implementing best practices to harden these platforms and our endpoint environments, ensuring the highest levels of security and integrity across our systems.
Key Responsibilities
- Maintain and Improve SaaS Applications: Ensure the functionality and security of critical SaaS applications by configuring, supporting, and troubleshooting them. Identify opportunities for improvement through automation and integration with other platforms to enhance efficiency and security.
- Harden Platforms and Endpoints: Implement best practices for hardening cloud platforms and endpoint environments to protect against security threats. This includes applying security measures to SaaS platforms and devices used across the organization.
- Automate Lifecycle Management: Enhance and automate employee lifecycle management processes within our identity and access management solutions, ensuring efficient onboarding, offboarding, and access provisioning.
- Review and Optimize Network Security: Assess and improve existing network Access Control Lists (ACLs) and security groups within cloud platforms (e.g., AWS, GCP) to strengthen network security and protect against unauthorized access.
- Streamline Operational Workflows: Convert manual operational workflows into automated, code-driven processes (e.g., GitOps workflows) to increase efficiency, reduce errors, and improve scalability.
- Administer User Accounts and Policies: Manage user accounts and enforce security policies across various systems to meet organizational security objectives and compliance requirements.
- Collaborate on Security Initiatives: Work with cross-functional teams to proactively identify and address potential security vulnerabilities, contributing to the overall security posture of the organization.
- Support Compliance Audits: Conduct regular audits of SaaS applications and cloud environments to ensure compliance with industry standards and regulatory requirements.
- Provide Remote IT Support: Offer support and troubleshooting for IT and security issues in a remote work environment, ensuring minimal downtime and optimal productivity for team members.
- Research and Implement Technologies: Evaluate and deploy new technologies and software applications to enhance security and efficiency across existing systems, staying current with industry trends and innovations.
- Develop Technical Documentation: Create and maintain technical documentation, knowledge base articles, and training materials for both technical teams and end-users to facilitate knowledge sharing and education.
Qualifications
- Bachelor's degree in Computer Science, Information Technology, or a related field, or equivalent work experience.
- 14+ years of relevant experience, with at least 8+ years in advanced IT, DevOps, or Security Engineering roles.
- Experience with SSO/IAM Solutions: Proven experience implementing and managing Single Sign-On (SSO) and Identity and Access Management (IAM) solutions such as Okta or EntraID, including familiarity with protocols like SAML, OIDC, and SCIM.
- Security Technologies Expertise: Strong experience with security technologies and concepts such as Endpoint Detection and Response (EDR), Data Loss Prevention (DLP), VPN/Proxy services, and logging mechanisms.
- Cloud Platform and Container Experience: Hands-on experience with cloud platforms such as Amazon Web Services (AWS) and Google Cloud Platform (GCP), along with Kubernetes, including knowledge of best practices for securing cloud and container infrastructure.
- Experience with MDM Platforms: Proficient in using JAMF and/or other similar Mobile Device Management platforms for macOS and iOS device management.
- Network Fundamentals: Solid understanding of TCP/IP, routing, DNS, VPNs, and network Access Control Lists (ACLs).
- Programming and Automation Skills: Proficiency in programming and infrastructure automation tools like Terraform, Ansible, Bash, Python, etc., with experience in converting manual workflows into automated, code-driven processes (e.g., GitOps workflows).
- Independent Worker: Ability to work independently in a remote environment with a proactive and self-motivated mindset.
- Strong Communication Skills: Excellent communication, problem-solving, and customer service abilities.
- Collaboration Skills: Ability to work collaboratively with cross-functional teams to address security vulnerabilities.