Offensive Security Engineer
BitMEX is the world’s leading cryptocurrency derivatives trading platform, which has pioneered cryptocurrency trading through relentless commitment to change, and continues to set benchmarks for innovation, liquidity, and security today.
As the world's most advanced peer-to-peer crypto-products trading platform and API, BitMEX gives knowledge, confidence, and precision to hundreds of thousands of traders, transacting billions of USD a day.
Join us, as we build a thriving cryptocurrency ecosystem through strategic investments in emerging cryptocurrency technology, and create the future of digital financial services.
The goal of an Offensive Security Engineer is to proactively identify and help mitigate technical risk across all BitMEX systems, people, and processes. They will achieve this through a combination of penetration testing, adversary simulation, red/purple teaming, ongoing vulnerability assessment activities and tools development while working closely alongside the Detection & Response, AppSec and Infrastructure Security teams.
- Discover vulnerabilities in BitMEX Corporate infrastructure before a malicious external actor does.
- Discover vulnerabilities in BitMEX Production infrastructure before a malicious external actor does.
- Discover vulnerabilities in BitMEX Physical (office, badging, ..) infrastructure before a malicious external actor does.
- Discover vulnerabilities in BitMEX Executive infrastructure (homes, private/home offices) before a malicious external actor does.
- 5+ years of experience in security testing, vulnerability and/or red team assessment at a top tech or finance company.
- Experience performing physical penetration tests.
- Experience performing “Purple Team” exercises using the Mitre ATT&CK Framework.
- Strong software development skills in Python, Golang, NodeJS, Ruby, C, C++, or similar.
- Deep knowledge of Amazon Web Services, GCP, and general Cloud infrastructure security.
- Deep understanding of DevOps/CICD environments, attack vectors and mitigating controls. Familiarity with Docker/Kubernetes.
- Comfortable operating across a wide variety of platforms, operating systems, and technologies.
- Ability to work collaboratively and cross functionally with the other security teams.
Explore more Information Security career opportunities
- Open Cyber Security Engineer Jobs
- Open Network Security Engineer Jobs
- Open Threat Intelligence Response Analyst Jobs
- Open Staff Security Engineer Jobs
- Open Senior Penetration Tester Jobs
- Open Cybersecurity Analyst Jobs
- Open IT Security Engineer Jobs
- Open Chief Information Security Officer Jobs
- Open Software Security Engineer Jobs
- Open Information Security Officer Jobs
- Open Threat Intelligence Analyst Jobs
- Open Infrastructure Security Engineer Jobs
- Open Vulnerability Analyst Jobs
- Open Computer Forensic Software Engineer Jobs
- Open Lead Security Engineer Jobs
- Open Staff Engineer, Cloud Security Jobs
- Open Senior Infrastructure Security Engineer Jobs
- Open Personnel Security Officer Jobs
- Open Senior Information Security Engineer Jobs
- Open Senior Information Security Analyst Jobs
- Open IAM Engineer Jobs
- Open Sr. Software Engineer - Detection Engineering Jobs
- Open Manager, Cybersecurity and Trust Jobs
- Open Principal Security Engineer Jobs
- Open DevOps Security Engineer Jobs
- Open Audits-related jobs
- Open CEH-related jobs
- Open Clearance-related jobs
- Open Open Source-related jobs
- Open PCI-related jobs
- Open Risk management-related jobs
- Open NIST-related jobs
- Open Forensics-related jobs
- Open IDS-related jobs
- Open Google-related jobs
- Open OSCP-related jobs
- Open Machine Learning-related jobs
- Open Splunk-related jobs
- Open Ruby-related jobs
- Open AI-related jobs
- Open IPS-related jobs
- Open Security assessments-related jobs
- Open Threat detection-related jobs
- Open Encryption-related jobs
- Open Docker-related jobs
- Open Unix-related jobs
- Open TCP/IP-related jobs
- Open PowerShell-related jobs
- Open DNS-related jobs