Job Description


The goal of an Application Security Engineer is to proactively identify and help mitigate technical risk in all software & infrastructure applications within BitMEX. They will achieve this with a combination of security gate implementation & management, security control administration and overall reporting in the software development lifecycle. They will be working alongside, and supported by Security Architect and Vulnerability Management security functions.

Key Responsibilities

  • Design and implement secure automation solutions for development, testing, and production environments
  • Collaborate with Product Management and Architects to contribute to the roadmaps of application security controls
  • Implement security controls, best practices and configuration management 
  • Hands-on contributor and code reviewer on application security and CI/CD pipeline related projects
  • Employ infrastructure as code paradigm to increase automation, scalability, and reliability
  • Perform technology watches related to industry trends and best practices.
  • Maintains extensive knowledge of state-of-the-art principles, theories, and practices around all things software-related. Identifies and recommends long-term technologies of relevant company interest and proposes long-term development strategy on cutting-edge trends and developments in area of expertise.


  • 10+ years of security industry experience
  • In-depth knowledge and  experience with security tools such as SAST, SCA, supply chain & container security. 
  • Experience implementing security gates in Continuous Integration and Continuous Deployment systems. Familiarity with security principles for integrating security solutions in products like GitLab CI/CD, GitHub Actions, Jenkins, Helm, ArgoCD.
  • Modern infrastructure and application development experience using public cloud primitives. You should be familiar with kubernetes, serverless architecture and infrastructure as Code(IaC) tools such as terraform, ansible, chef.
  • Solid experience in managing and configuring Git based Source Code Management solutions, such Github, Gitlab
  • Proven experience and understanding of security principles across infrastructure platforms, data layers, integration points, and application layers.
  • Demonstrated experience architecting and developing security solutions during the secure software development lifecycle program or secure lifecycle improvement efforts and managing large scale projects to completion
  • Adapt to evolving security and business priorities quickly and effectively. Loves new technological challenges and excels at solving them.

Good to have

  • Common security certifications such as GSEC, CEH, CISSP, CCSP, or CCSK.
  • Good understanding of Public Key Infrastructure (PKI)
  • Technical understanding of management implementations for identity like MFA, 2SV, SAML, OAuth, OIDC.
  • Experience with Grafana/Loki/Prometheus/Thanos, Graphite, Fluentd
  • Experience with data templating languages like Jsonnet or related a plus

Join us, as we build a thriving cryptocurrency ecosystem through strategic investments in emerging cryptocurrency technology, and create the future of digital financial services.

  • App Development
  • Communications Skills
  • Security System Management
© 2024 All right reserved.