Security Risk LeadFramework Ventures • New York, New York, United States
Cette offre d'emploi n'est plus disponible
Security Risk Lead
Framework Ventures
- New York, New York, United States
- New York, New York, United States
À propos
Role Overview This is a critical role to bootstrap BitMEX's Security Assurance practice, responsible for architecting our Security Policy and Risk Management frameworks with compliance‑as‑code as the foundational pillar of our strategy. The position is highly technical in nature and is expected to operationalise our security common controls framework. As the Security Risk Lead, you will also collaborate with stakeholders on the successful execution of SOC 2 audits and other security initiatives. This role is for a highly experienced technical security engineer ready to expand beyond technical execution. We're seeking a candidate with a strong blend of technical and business acumen, proven experience influencing decisions on regulatory standards, and excellent communication skills.
Key Responsibilities
Translate regulatory and compliance requirements into code and actionable technical controls.
Ensure accurate identification, communication, and mitigation of risks, processes, and internal control gaps with potential adverse operational risk implications.
Operationalise the delivery of several security metrics.
Deliver various threat modeling spot checks.
Perform deep‑dived technical risk assessments.
Provide security training and outreach to internal tech teams.
Facilitate the execution of external audits over BitMEX's products and internal controls in accordance with, but not limited to, SOC 2 and ISO 27001.
Qualifications
10+ years of security industry experience with a strong background in software development including at least 3 years of hands‑on experience.
Demonstrated success in leading technical teams in a cloud‑first environment with deep knowledge of Amazon Web Services and general cloud infrastructure security.
Expert on GRC processes to consistently automate and supervise information security controls, testing, and risks.
Knowledge of network security architecture concepts, including topology, protocols, components, and principles.
Hands‑on experience with Open Policy Agent, InSpec, or CloudFormation Guard.
Demonstrated knowledge and expertise in written responses to regulators.
Proficient in managing complex global infrastructure as code.
Good to have
Demonstrated experience researching, building, and implementing defensive security systems that are used against internal and external attack vectors.
Comfortable operating across a wide variety of platforms and technologies.
Relevant certifications like CISSP, CISA, AWS CCP, CIPP, or CIPT are preferred.
Prior experience of working in security and privacy compliance engineering or similar groups at a tech or fintech firm.
Why BitMEX? BitMEX offers a dynamic environment that blends intense work, a vibrant culture, and diversity. We actively recruit across time zones to meet growing demands and attract top global talent. We're seeking determined, responsible, and collaborative individuals to join us in building a leading cryptocurrency ecosystem. We value meticulousness, agility, and simplicity. As a 24/7 global exchange, we look for adaptable team players who can excel in a diverse, cross‑market environment. We provide flexible arrangements to our remote contract talents with:
Work from home to help you find the perfect balance between work, family and personal life
Paid holidays and leave so you won’t miss out on any important events
Team building & off‑site events to bring our global team closer
Advantage of our Beyond Border Remote Working policy, where you get to work away from your home country
Option to choose to be paid in fiat or crypto currency, providing the flexibility to shape your financial freedom
#J-18808-Ljbffr
Compétences linguistiques
- English
Avis aux utilisateurs
Cette offre a été publiée par l’un de nos partenaires. Vous pouvez consulter l’offre originale ici.