安全工程师

职位描述

1. Security Architecture Planning & Implementation

- Lead the planning, design, and evolution of the company’s overall security architecture (e.g., Zero Trust networking, cloud, business systems, data security, and identity/access systems).

- Build reusable security capabilities into reference architectures, standards, and security baselines, and drive adoption and implementation across teams.

2. Defense-in-Depth Program Development

- Design detection and prevention capabilities against common attack chains (e.g., phishing, lateral movement, supply chain attacks, and cloud attack/defense techniques) to improve alert quality and response efficiency.

- Conduct security reviews and threat assessments for new businesses, new systems, and major changes; identify risks and define mitigation plans.

- Promote “shift-left” security by embedding controls into CI/CD, release processes, Infrastructure as Code (IaC), and code/dependency governance.

- Lead analysis and coordination for major security incidents (root cause analysis, impact assessment, remediation, and long-term governance improvements).

• 8+ years of experience in network and system security, with leadership experience in security architecture, security technical planning/roadmapping, or security engineering.
• Strong knowledge of common security vulnerabilities and attack techniques; familiar with mainstream security products and typical IT and cloud infrastructure.
• Hands-on offensive/defensive mindset, with experience participating in or leading red/blue team exercises, penetration testing, security drills, and post-incident reviews.
• Proven ability to drive cross-team execution: breaking down security requirements, milestone planning, and collaborating with R&D, DevOps/SRE, compliance, and other stakeholders.
• Solid experience in cloud and container security (at least one major cloud provider such as AWS/Azure), with understanding of IAM, KMS, cloud logging, and cloud-native security.

Preferred Qualifications (Plus)

• Experience in the Crypto industry, wallet security, and on-chain incident analysis.
• Experience building security architecture for large enterprises, including Zero Trust, data security, unified identity, centralized logging, and asset governance.
• Fluency in both Mandarin Chinese and English is required.
• Immediately available will be preferred.

• WFH Policy
• Discretionary Bonus
• Options

Matrixport

Matrixport is one of Asia's fastest-growing digital asset financial services platforms. It provides one-stop crypto financial services, with an average monthly trading volume of over $5 billion. Its offerings include Cactus Custody, spot OTC, fixed income, structured products, lending, and asset management.