As a member of the BitMEX Security team, you will play a critical role in proactive protection of BitMEX’s people, data, infrastructure and customers.
You will be responsible for building, implementing and operationally supporting network security efforts across our global corporate and production infrastructure. We are looking for a candidate with a passion for security and innovation, who will research and develop new solutions to help protect our infrastructure and our users. This candidate should thrive on finding security issues and eradicating them as well as a desire to make life harder for the bad guys. With focuses that range from large scale DDoS, security tool development, defense against internal and external attacks there’s lots of room to push your skill set further.
This is a full scope role encompassing the testing of our cloud infrastructure, web applications, endpoint systems, and physical infrastructure.
- Implementation and evolution of network access controls.
- Iterate network security posture to better protect against attacks and detect new vectors.
- Lead network efforts to mitigate and investigate security incidents.
- Develop automation and utilize frameworks to scale both protection and mitigation tools.
- Evaluate and test new vendor and in house network initiatives for security issue
- Mentor and evangelize security practices through cross functional work with engineering teams throughout BitMEX.
- Keep BitMEX safe through active operation and defense of critical network infrastructure
- Network Engineering background with emphasis in offensive/defensive security, systems engineering, or software development.
- Strong software development skills in Python, Golang, Ruby, C, C++, or similar.
- Deep knowledge of Amazon Web Services, GCP, and general Cloud infrastructure security.
- Troubleshooting production and/or corporate network security issues. Including knowledge of BGP, TCP/IP and other layer 2 and layer 3 protocols/technologies.
- Demonstrated experience researching, building and implementing defensive security systems that are used against internal and external attack vectors.
- Comfortable operating across a wide variety of platforms and technologies.
- Comfortable managing a complex global infrastructure as code – managing configuration changes centrally.