Senior DevSecOps Engineer

BitMEX is the world’s leading cryptocurrency derivatives trading platform, which has pioneered cryptocurrency trading through relentless commitment to change, and continues to set benchmarks for innovation, liquidity, and security today.

As the world's most advanced peer-to-peer crypto-products trading platform and API, BitMEX gives knowledge, confidence, and precision to hundreds of thousands of traders, transacting billions of USD a day.

Overview

The Senior DevSecOps Engineer will contribute to the successful operation of the BitMEX cybersecurity tool stack, assist in securing CI/CD pipelines, uplift the container security posture and deploy infrastructure as code security including various automated and manual vulnerability testing processes.

Key Responsibilities

• Design and implement secure automation solutions for development, testing, and production environments
• Collaborate with Product Management and Architects to contribute to the roadmaps of Cloud Platform
• Maintains extensive knowledge of state-of-the-art principles, theories, and practices around all things software-related. Identifies and recommends long-term technologies of relevant company interest and proposes long-term development strategy on cutting-edge trends and developments in area of expertise.
• Implement security best practices and configuration management 
• Employ infrastructure as code paradigm to increase automation, scalability, and reliability
• Perform technology watch related to industry trends and, best practices.

Qualifications

• 10+ years of security industry experience
• Proven experience and understanding of security principles across infrastructure platforms, data layers, integration points, and application layers.
• Demonstrated experience architecting and developing security solutions during the secure software development lifecycle program or secure lifecycle improvement efforts and managing large scale projects to completion
• Adapt to evolving security and business priorities quickly and effectively. Loves new technological challenges and excels at solving them.
• Modern infrastructure and application development experience using public cloud primitives. You should be familiar with kubernetes, serverless architecture and infrastructure as Code tools like Terraform, Ansible, Chef, Puppet
• Experience building tools for Continuous Integration and Continuous Deployment systems. Familiarity with DevSecOps principles for integrating security solutions in products like Jenkins, Helm.
• Knowledge of Kubernetes DNS how it interacts with external DNS servers
• End to end troubleshooting experience

Good to have

• Common security certifications such as GSEC, CEH, CISSP, CCSP, or CCSK.
• Deep understanding of Public Key Infrastructure (PKI)
• Technical understanding of management implementations for identity like MFA, 2SV, SAML, OAuth.
• Experience with Prometheus, Graphite
• Experience with data templating languages like Jsonnet or related a plus

#LI-CH1

Join us, as we build a thriving cryptocurrency ecosystem through strategic investments in emerging cryptocurrency technology, and create the future of digital financial services.