Principal Data Leakage Prevention & Privacy Architect

at BitMEX
🔒 Cybersecurity🟡 Principal

Job description

About BitMEX

BitMEX stands as a globally leading exchange for crypto derivatives, offering traders a professional-grade trading platform. Since its inception in 2014, BitMEX has maintained an impeccable security record with “no coin lost, ever!”.

Our platform caters to cryptocurrency derivatives traders by providing low latency, deep liquidity, and maximum availability. Currently, BitMEX offers more than 100 derivatives contracts, 16 pairs for spot trading, and an easy covert function between 30+ different cryptocurrencies.

In 2015, BitMEX revolutionised the market by inventing the Perpetual Swap, which has since become the most widely traded crypto product. Demonstrating a commitment to transparency, since 2021, BitMEX has been among the first exchanges to regularly publish its on-chain Proof of Reserves and Proof of Liabilities, ensuring that the funds available exceed the total client balances.”

For more information on BitMEX, company initiatives and our products, please visit the BitMEX Blog or www.bitmex.com, and follow LinkedIn, Discord, Telegram and X.

Overview

We are looking for a highly experienced and technically adept Principal Data Leakage Prevention & Privacy Architect to join our Security team. This is a critical and sensitive role that blends advanced detection engineering with robust privacy governance. You will be instrumental in safeguarding our most sensitive data, particularly Personally Identifiable Information (PII), and ensuring our adherence to global data privacy standards. This role requires a hands-on proactive approach to identifying and mitigating data leakage risks, but also actively contributing to various strategic initiatives fostering a culture of data privacy across the organization.

This is a remote position for the Asia Pacific region.

Key Responsibilities

As a Principal Data Leakage Prevention & Privacy Architect, you will:

  • Architect and implement multi-layered PII detection systems: Design and deploy advanced PII detection mechanisms using a combination of rule-based detection (Regex, checksums), machine learning (NER, contextual analysis with LLMs), and Exact Data Matching (EDM) to significantly reduce false positives and enhance accuracy.
  • Leverage NLP and ML for contextual PII identification: Utilize Natural Language Processing (NLP) tools and machine learning models(e.g Hugging Face Transformers) to understand the semantic context of data, distinguish PII from non-PII based on surrounding text, and identify new or nuanced PII types.
  • Develop and maintain a comprehensive PII data map: Implement strategies for data lineage and data flow analysis to track where PII originates, moves, and resides across all systems (databases, applications, logs, cloud storage), creating a real-time, accurate inventory of sensitive data to inform security and compliance efforts.
  • Develop and refine threat detection rules: Utilize platforms like Splunk to proactively identify and alert on potential data leakage incidents, with a specific focus on PII.
  • Architect secure data handling practices: Drive the consolidation of PII into a target data model, working towards having a single source of truth for all our PII.
  • Investigate and remediate data security incidents: Conduct thorough investigations into potential data exfiltration events
  • Enhance data security posture: Assess and improve our overall security posture for PII, including recommending enhancements to network segmentation, IAM, and RDS configurations.
  • Implement robust encryption strategies: Architect and oversee the implementation of encryption solutions, including AES encryption for sensitive identifiers like UUIDv7, especially for external sharing.

Qualifications

  • 12+ years of experience in highly technical data security, privacy architecture, and detection engineering roles, with a strong focus on PII and a demonstrable experience leading incident response efforts for PII breaches, including forensic investigation techniques and root cause analysis.
  • Deep expertise in data leakage prevention (DLP) and data privacy principles, regulations (e.g., GDPR, CCPA), and industry best practices.
  • Extensive hands-on SOAR experience : Past experience with Splunk scaling security monitoring, alert generation, and incident investigation. Experience with Security Orchestration, Automation, and Response platforms to automate DLP incident workflows, threat hunting, and response actions
  • Proficiency with cloud data warehousing solutions, particularly Redshift, and an understanding of securing data within such environments.
  • Demonstrable experience with encryption standards, including AES 128256, and their application to sensitive data and identifiers.
  • Strong understanding of unique identifier systems, especially UUIDv7, their generation, implementation, and the associated security considerations.
  • Experience leveraging AI/ML models, including light model LLMs, for enhanced detection capabilities and false positive reduction.
  • Proven track record of driving complex technical projects from conception to successful implementation, with strong project management skills.
  • Excellent communication, coordination, and interpersonal skills, with the ability to articulate complex technical and privacy concepts to diverse audiences.
  • Highly responsible, detail-oriented, proactive, and capable of working independently with minimal supervision in a fast-paced environment.

Why BitMEX?

BitMEX offers a dynamic environment that blends intense work, a vibrant culture, and diversity. We actively recruit across time zones to meet growing demands and attract top global talent.

We’re seeking determined, responsible, and collaborative individuals to join us in building a leading cryptocurrency ecosystem. We value meticulousness, agility, and simplicity. As a 247 global exchange, we look for adaptable team players who can excel in a diverse, cross-market environment.

We provide flexible arrangements to our remote contract talents with:

  • Work from home to help you find the perfect balance between work, family and personal life
  • Paid holidays and leave so you won’t miss out any important events
  • Team building & offsite events to bring our global team closer
  • Don’t forget the advantage of our Beyond Border Remote Working policy, where you get to work away from your home country
  • Option to choose to be paid in fiat or crypto currency, providing the flexibility to shape your financial freedom

Does this sound like the type of working culture you can thrive in? Apply online now!

Share this job:
Please let BitMEX know you found this job on Remote First Jobs 🙏

Latest Jobs at BitMEX

Benefits of using Remote First Jobs

Discover Hidden Jobs

Unique jobs you won't find on other job boards.

Advanced Filters

Filter by category, benefits, seniority, and more.

Priority Job Alerts

Get timely alerts for new job openings every day.

Manage Your Job Hunt

Save jobs you like and keep a simple list of your applications.

Search remote, work from home, 100% online jobs

We help you connect with top remote-first companies.

Search jobs

Hiring remote talent? Post a job

Frequently Asked Questions

What makes Remote First Jobs different from other job boards?

Unlike other job boards that only show jobs from companies that pay to post, we actively scan over 20,000 companies to find remote positions. This means you get access to thousands more jobs, including ones from companies that don't typically post on traditional job boards. Our platform is dedicated to fully remote positions, focusing on companies that have adopted remote work as their standard practice.

How often are new jobs added?

New jobs are constantly being added as our system checks company websites every day. We process thousands of jobs daily to ensure you have access to the most up-to-date remote job listings. Our algorithms scan over 20,000 different sources daily, adding jobs to the board the moment they appear.

Can I trust the job listings on Remote First Jobs?

Yes! We verify all job listings and companies to ensure they're legitimate. Our system automatically filters out spam, junk, and fake jobs to ensure you only see real remote opportunities.

Can I suggest companies to be added to your search?

Yes! We're always looking to expand our listings and appreciate suggestions from our community. If you know of companies offering remote positions that should be included in our search, please let us know. We actively work to increase our coverage of remote job opportunities.

How do I apply for jobs?

When you find a job you're interested in, simply click the 'Apply Now' button on the job listing. This will take you directly to the company's application page. We kindly ask you to mention that you found the position through Remote First Jobs when applying, as it helps us grow and improve our service 🙏

Apply