About BIT:
BIT (formerly Matrixport) is a global digital asset financial services and infrastructure group. Headquartered in Singapore and founded in 2019, BIT bridges traditional finance and digital assets through governance-driven financial services and technology.
The firm manages over US$7 billion in assets and facilitates more than US$7 billion in monthly trading volume. BIT offers services including custody, trading, asset and wealth management, liquidity and financing solutions, and tokenised real-world assets (RWA), serving institutional and professional investors globally.
BIT Group entities maintain a licensed and regulated footprint across Singapore, Hong Kong, Switzerland, the United Kingdom, the United States and Bhutan.
For more information, visit www.bit.com
Why Join Us:
At BIT, we tackle complex problems as a team. We encourage openness and promote transparency, respect, and inclusivity. Every team member is valued and has a voice that can be heard. We are always in search of intellectually curious and entrepreneurial individuals who are keen on making an impact in the crypto ecosystem and in building a better product for the next one billion users.
Job Responsibilities:
- Participate in and drive the company's S-SDLC (Secure Software Development Lifecycle) program, including security requirements, secure code review, security testing, secure release, and ongoing security operations.
- Support the operation, maintenance, and policy optimization of security platforms and products, including but not limited to EDR, Zero Trust, IAM, DLP, and WAF.
- Conduct log and alert analysis, perform initial incident triage, support incident classification and response, and contribute to post-incident reviews in collaboration with the SOC/SIEM platform.
- Support vulnerability management and incident response, including vulnerability monitoring and early warning, risk analysis and handling, remediation coordination, retesting/verification, and closed-loop improvements.
- Provide security support to cross-functional teams, including security consulting, guidance on day-to-day security best practices, and security risk assessments.
Job Requirements:
- 2+ years of experience in product/application security, security operations, or security engineering/maintenance.
- A bachelor's degree or above is preferred; majoring in Computer Science, Information Security, or Network Security is a plus.
- Solid fundamentals in networking and operating systems, with an understanding of common security vulnerabilities and corresponding mitigation approaches.
- Proficient with common security tools/platforms, and able to understand typical attack chains and interpret security alerts.
- * Strong ownership, highly risk-aware, able to continuously track vulnerabilities and incidents through to closure.
- Able to align with R&D, IT/Operations, and business teams on risks and remediation plans.
- Documentation and process mindset and able to turn experience into standards, SOPs, reports, and postmortem materials.
- Willing to strengthen knowledge and close skill gaps through hands-on practice.
By submitting a job application, you confirm that you have read and agree to our Candidate Privacy Policy.
