About BIT:
BIT (formerly Matrixport) is a global digital asset financial services and infrastructure group. Headquartered in Singapore and founded in 2019, BIT bridges traditional finance and digital assets through governance-driven financial services and technology.
The firm manages over US$7 billion in assets and facilitates more than US$7 billion in monthly trading volume. BIT offers services including custody, trading, asset and wealth management, liquidity and financing solutions, and tokenised real-world assets (RWA), serving institutional and professional investors globally.
BIT Group entities maintain a licensed and regulated footprint across Singapore, Hong Kong, Switzerland, the United Kingdom, the United States and Bhutan.
For more information, visit www.bit.com
Why Join Us:
At BIT, we tackle complex problems as a team. We encourage openness and promote transparency, respect, and inclusivity. Every team member is valued and has a voice that can be heard. We are always in search of intellectually curious and entrepreneurial individuals who are keen on making an impact in the crypto ecosystem and in building a better product for the next one billion users.
Job Responsibilities:
- Lead the planning, design, and evolution of the company's overall security architecture (e.g., Zero Trust networking, cloud, business systems, data security, and identity/access systems).
- Build reusable security capabilities into reference architectures, standards, and security baselines, and drive adoption and implementation across teams.
- Design detection and prevention capabilities against common attack chains (e.g., phishing, lateral movement, supply chain attacks, and cloud attack/defense techniques) to improve alert quality and response efficiency.
- Conduct security reviews and threat assessments for new businesses, new systems, and major changes; identify risks and define mitigation plans.
- Promote shift-left security by embedding controls into CI/CD, release processes, Infrastructure as Code (IaC), and code/dependency governance.
- Lead analysis and coordination for major security incidents (root cause analysis, impact assessment, remediation, and long-term governance improvements).
Job Requirements:
- 8+ years of experience in network and system security, with leadership experience in security architecture, security technical planning/roadmapping, or security engineering.
- Strong knowledge of common security vulnerabilities and attack techniques; familiar with mainstream security products and typical IT and cloud infrastructure.
- Hands-on offensive/defensive mindset, with experience participating in or leading red/blue team exercises, penetration testing, security drills, and post-incident reviews.
- Proven ability to drive cross-team execution: breaking down security requirements, milestone planning, and collaborating with R&D, DevOps/SRE, compliance, and other stakeholders.
- Solid experience in cloud and container security (at least one major cloud provider such as AWS/Azure), with understanding of IAM, KMS, cloud logging, and cloud-native security.
Preferred:
- Experience in the Crypto industry, wallet security, and on-chain incident analysis.
- Experience building security architecture for large enterprises, including Zero Trust, data security, unified identity, centralized logging, and asset governance.
By submitting a job application, you confirm that you have read and agree to our Candidate Privacy Policy.
