Senior Security Technical Architect

  • 100x Group
  • San Francisco
  • May 17, 2021
Full time Engineering - Backend Information Technology Security & Privacy

Job Description

The Company

100x Group is the result of the phenomenal success of BitMEX, the world’s leading cryptocurrency derivatives trading platform, which has pioneered cryptocurrency trading through relentless commitment to change, and continues to set benchmarks for innovation, liquidity, and security today. The BitMEX trading platform represents the cornerstone of 100x. As the world's most advanced peer-to-peer crypto-products trading platform and API, BitMEX gives knowledge, confidence, and precision to hundreds of thousands of traders, transacting billions of USD per day.

Join us, as we build a thriving cryptocurrency ecosystem of 100x Group companies, through strategic investments in emerging cryptocurrency technology, and create the future of digital financial services.

The Purpose of this Job:

BitMEX is seeking an experienced candidate to join our Information Security team as a Security Technical Architect to help build and design new information security processes and tools. You will be part of an innovative and passionate security team that is chartered to protect the company from a variety of threats using cutting edge technology and best practices. As a Security Technical Architect, you will be a SME on best-practices around digital currency security, including but not limited to: cloud security & architecture, incident response, endpoint security, risk mitigation programs, identity & access management (IAM) and automation & orchestration. You will also have the unique opportunity to work on cross-functional internal and external teams, train on current and emerging technologies relevant to Bitmex and help build secure enterprise and cloud environments.

Responsibilities:

  • Identify and communicate current and emerging security threats. Design security architecture elements to mitigate threats as they emerge.

  • Determines the need for new security technology solutions; designs, reviews and collaborates on the deployment of new solutions. Contributes to the development and implementation of security technology solutions for enterprise environments and architecture.

  • Identify security design gaps in existing and proposed architectures and recommend changes or enhancements

  • Handles the ongoing documentation, development, implementation, and maintenance of processes, procedures, and services associated with architecture functions including ensuring requirements and deliverables are clearly defined.

  • Works with DevOps teams to ensure security architectures are appropriately assessed and able to be supported.

  • Partnering with Application Security and Detection and Response: work with Product Engineering and DevOps teams to implement new technologies and security solutions in alignment with industry best practice and commonly accepted principles of secure design.

  • Partnering with Compliance and Security Assurance:  acts as a subject matter expert on the implementation and capabilities of all existing security controls within Bitmex, particularly in the case of complex and complicated security issues.

  • Where necessary, provide Tier 3 support to help troubleshoot complex issues and architect new solutions.

Qualifications:

  • Bachelor’s degree and at least 3 years of experience in Information Security and IT designing and implementing enterprise-level security solutions, in particular for infrastructure that secures Bitcoin/digital currency systems.

  • At least 5 years of experience translating technical data into business impact information and experience analyzing and troubleshooting various IT Security technologies.

  • At least 5 years of in-depth hands-on experience with security technologies such as, application security, cloud security, containerization, data leakage prevention, encryption techniques, identity and access management, mobile security, network security, and virtualization security.

  • Experience writing security standards, architecture documents, and baselines for infrastructure and applications including risk assessment procedures, policy formation, role-based authorization methodologies, authentication technologies and security attack vectors