Home › Companies › Bitcoin › Senior Security Engineer
Senior Security Engineer
Bitcoin · Remote · Active · BambooHR
Job facts
| Field | Value |
|---|---|
| Company | Bitcoin |
| Title | Senior Security Engineer |
| Normalized title | - |
| Department / team | Engineering |
| Location | Not applicable, Not applicable, Korea (South) |
| Work model | Remote / Remote |
| Employment type | Employee (GK) |
| Salary | - |
| Status | active |
| ATS provider | BambooHR |
| Posted / first seen | 2026-03-25 / 2026-05-30 |
| Changed / last seen | 2026-06-06 / 2026-06-06 |
Related slices
| Page | What it contains | Open |
|---|---|---|
| Company jobs | Active postings from Bitcoin. | Open |
| Company breakdowns | Role, location, ATS, and work model facets for this company. | Open |
| ATS provider jobs | Active postings observed through BambooHR. | Open |
| Provider filtered search | The same provider as a filtered job collection. | Open |
| City jobs | Active postings in Not applicable. | Open |
| Department jobs | Active postings in Engineering. | Open |
| Work model jobs | Active Remote postings. | Open |
| Lifecycle events | Open, update, close, and reopen events for this posting. | Open |
| Original posting | Canonical source or apply URL captured from the ATS. | Open |
Linked records
| Company | Bitcoin |
| Source | c504ae09-3493-41d9-aaa1-d2c9b899da4b |
| ATS provider | BambooHR |
Description
About the role
We are looking for a Senior Security Engineer with strong crypto and Web3 domain knowledge to join our Engineering team. You will be part of a collaborative team headquartered in Tokyo (Shibuya), operating on Japan Standard Time. We are hiring across APAC for candidates who can work in close timezone alignment with the Tokyo team. Reporting directly to the Director of Engineering, you will own the security posture of our products and infrastructure from end to end, spanning application security, cloud and Kubernetes environments, smart contract security, security operations, and compliance. This is a high-impact role based in our Tokyo office, or fully remote from within the APAC region. You must be physically located in Japan or a nearby APAC country with working hours that fully overlap with Japan Standard Time (JST/UTC+9). Candidates outside APAC who plan to work night shifts to cover JST will not be considered. You will work closely with our DevOps and Engineering teams across an AWS-native, containerized stack, and help us stay ahead of the rapidly evolving, AI-accelerated threat landscape in the crypto and Web3 space.
Key responsibilities
Lead the design and implementation of security controls across AWS, EKS/Kubernetes, CI/CD (Jenkins, GitHub Actions, ArgoCD), and AI/agentic engineering workflows.
Own threat modelling, risk assessments, and security architecture reviews across infrastructure, applications, and AI-driven systems.
Drive vulnerability management end-to-end — including code, infrastructure, and AI-generated artifacts — using tools such as NewRelic, Bugsnag, and security scanners.
Define and enforce secure coding and AI usage standards, including guardrails for LLMs, copilots, and automated workflows.
Build and operate security monitoring, alerting, and incident response capabilities, including detection and handling of AI/agent-related risks.
Evaluate and manage security and AI tooling (SAST/DAST, SIEM, EDR, secrets management), ensuring least-privilege access and secure integrations.
Harden infrastructure and data layers (Terraform, IAM, VPC, Cloudflare, Cassandra, Kafka, Redis), including protections against unauthorized or automated actions.
Drive compliance (SOC 2, ISO 27001) with a focus on auditability, data protection, and governance of AI systems.
Act as a security leader — educating teams, shaping best practices, and staying ahead of threats across AI, cloud, and Web3 (smart contracts, key management, bridges).
Partner with blockchain/product teams to mitigate risks in decentralized systems.
Requirements
We are looking for someone with hands-on experience across both offensive and defensive security disciplines:
Based in APAC, within roughly ±2 hours of Japan Standard Time (JST/UTC+9), e.g., Japan, South Korea, Taiwan, Philippines, eastern Australia, etc. Full daily overlap with Tokyo working hours is required.
5–8 years in security engineering across application, cloud, and infrastru cture security.
Strong understanding of crypto/Web3 security (smart contracts, wallet/key management, blockchain attack vectors).
Deep hands-on experience securing AWS (IAM, VPC, EKS, S3, EC2) and Kubernetes environments.
Proficiency in AppSec (OWASP Top 10, secure SDLC, code reviews) and common security tooling (SAST/DAST, SIEM, secrets management).
Solid foundation in network security, cryptography, and auth protocols (OAuth, SAML, MFA).
Experience with incident response, threat modelling, and frameworks like MITRE ATT&CK.
Familia rity with compliance standards (SOC 2, ISO 27001, NIST, GDPR).
Strong communication skills and ability to operate autonomously.
Nice to have
Certifications (CISSP, OSCP, AWS Security, etc.).
DevSecOps experience and CI/CD security integration.
Experience with Cloudflare, service mesh (Istio), or microservices security.
Background in software engineering (Java, Rust, TypeScript).
Smart contract auditing or Web3 tooling (Slither, MythX, Certora, on-chain monitoring).
Experience building or scaling a security function.
Professional fluency in Japanese.
What we offer
A high-impact, senior-level role with direct visibility to engineering and company leadership.
Ownership over a broad, challenging security mandate with room to shape strategy.
Collaborative and engineering-first culture that values security as a core competency.
Opportunities for professional development, certifications, and conference attendance.
Full job record
| Job ID | 690f371c09de4e5bf54dfb593e68192e53e60829 |
| Org ID | ecabf7c4-2b56-4975-89d9-7b06643a918c |
| Source ID | c504ae09-3493-41d9-aaa1-d2c9b899da4b |
| Board ID | c504ae09-3493-41d9-aaa1-d2c9b899da4b |
| Provider | bamboohr |
| Provider Job Key | 31 |
| Title | Senior Security Engineer |
| Normalized Title | — |
| Status | active |
| Active | yes |
| Location Text | — |
| Department | Engineering |
| Team | — |
| Employment Type | Employee (GK) |
| Workplace Type | remote |
| Remote Policy | remote |
| Country | Korea (South) |
| Region | Not applicable |
| City | Not applicable |
| Salary Raw | — |
| Salary Min | — |
| Salary Max | — |
| Salary Currency | — |
| Salary Period | — |
| Source URL | https://bitcoin.bamboohr.com/careers/31 |
| Apply URL | https://bitcoin.bamboohr.com/careers/31 |
| First Seen At | 2026-05-30 06:04:56Z |
| Last Seen At | 2026-06-06 10:26:40Z |
| Last Checked At | 2026-06-06 10:26:40Z |
| Last Changed At | 2026-06-06 10:26:40Z |
| Inactive At | — |
| Source Posted At | 2026-03-25 00:00:00Z |
| Source Updated At | — |
| Raw Payload Uri | s3://job-postings-prod-raw-590183727216/raw/provider=bamboohr/board=bitcoin/date=2026-06-06/2026-06-06T10-26-40-448Z-6723a68a381b4f2b3274ddb1e42025c01ef800fb9b1a30b26ff1443faf0f8620.json |
Event Fields
{
"content_hash": "c432f0d0b176560d0c26083707f8efb60c5078fc59330ff74a572a06d29cd747",
"source_hash": "e89480de8777b4008a3c0a1df65964cf0d938c161cf225c18e527136c2b7e81d",
"last_changed_at": "2026-06-06T10:26:40.986Z",
"active_status": "active"
}Parsed Structured
{
"language": "en",
"location": {
"raw": "Not applicable, Not applicable, Korea (South)",
"city": "Not applicable",
"region": "Not applicable",
"country": "Korea (South)",
"is_remote": true,
"confidence": 0.8
},
"salary_max": null,
"salary_min": null,
"inferred_at": "2026-06-06T10:26:40.984Z",
"launch_scope": {
"reason": "bamboohr_production_catalog",
"included": true,
"location": {
"raw": "Not applicable, Not applicable, Korea (South)",
"city": "Not applicable",
"region": "Not applicable",
"country": "Korea (South)",
"is_remote": true,
"confidence": 0.8
},
"countries": [
"Korea (South)"
]
},
"remote_policy": "remote",
"salary_period": null,
"workplace_type": "remote",
"salary_currency": null
}Extensions
{}Native Structured
{
"list_job": {
"id": "31",
"isRemote": null,
"location": {
"city": null,
"state": null
},
"atsLocation": {
"city": "Not applicable",
"state": null,
"country": "Korea (South)",
"province": "Not applicable"
},
"departmentId": "18458",
"locationType": "1",
"jobOpeningName": "Senior Security Engineer",
"departmentLabel": "Engineering",
"employmentStatusLabel": "Employee (GK)"
},
"detail_errors": [],
"detail_job_opening": {
"location": {
"city": null,
"state": null,
"postalCode": null,
"addressCountry": null
},
"datePosted": "2026-03-25",
"atsLocation": {
"city": "Not applicable",
"state": "Not applicable",
"country": "Korea (South)",
"countryId": "114"
},
"description": "<p><span style=\"color: rgb(31, 77, 120); font-family: Arial, sans-serif; font-size: 12pt; font-weight: bold\">About the role</span></p>\n<p><span style=\"font-family: Arial, sans-serif; font-size: 10pt\">We are looking for a Senior Security Engineer with strong crypto and Web3 domain knowledge to join our Engineering team. You will be part of a collaborative team headquartered in Tokyo (Shibuya), operating on Japan Standard Time. We are hiring across APAC for candidates who can work in close timezone alignment with the Tokyo team. Reporting directly to the Director of Engineering, you will own the security posture of our products and infrastructure from end to end, spanning application security, cloud and Kubernetes environments, smart contract security, security operations, and compliance. This is a high-impact role based in our Tokyo office, or fully remote from within the APAC region. <span style=\"font-weight: bold\">You must be physically located in Japan or a nearby APAC country with working hours that fully overlap with Japan Standard Time (JST/UTC+9).</span> Candidates outside APAC who plan to work night shifts to cover JST will not be considered. You will work closely with our DevOps and Engineering teams across an AWS-native, containerized stack, and help us stay ahead of the rapidly evolving, AI-accelerated threat landscape in the crypto and Web3 space.</span></p>\n<p><br></p>\n<p><span style=\"color: rgb(31, 77, 120); font-family: Arial, sans-serif; font-size: 12pt; font-weight: bold\">Key responsibilities</span></p>\n<ul>\n<li><span style=\"font-family: Arial, sans-serif; font-size: 10pt\">Lead the design and implementation of security controls across AWS, EKS/Kubernetes, CI/CD (Jenkins, GitHub Actions, ArgoCD), and AI/agentic engineering workflows.</span></li>\n<li><span style=\"font-family: Arial, sans-serif; font-size: 10pt\">Own threat modelling, risk assessments, and security architecture reviews across infrastructure, applications, and AI-driven systems.</span></li>\n<li><span style=\"font-family: Arial, sans-serif; font-size: 10pt\">Drive vulnerability management end-to-end — including code, infrastructure, and AI-generated artifacts — using tools such as NewRelic, Bugsnag, and security scanners.</span></li>\n<li><span style=\"font-family: Arial, sans-serif; font-size: 10pt\">Define and enforce secure coding and AI usage standards, including guardrails for LLMs, copilots, and automated workflows.</span></li>\n<li><span style=\"font-family: Arial, sans-serif; font-size: 10pt\">Build and operate security monitoring, alerting, and incident response capabilities, including detection and handling of AI/agent-related risks.</span></li>\n<li><span style=\"font-family: Arial, sans-serif; font-size: 10pt\">Evaluate and manage security and AI tooling (SAST/DAST, SIEM, EDR, secrets management), ensuring least-privilege access and secure integrations.</span></li>\n<li><span style=\"font-family: Arial, sans-serif; font-size: 10pt\">Harden infrastructure and data layers (Terraform, IAM, VPC, Cloudflare, Cassandra, Kafka, Redis), including protections against unauthorized or automated actions.</span></li>\n<li><span style=\"font-family: Arial, sans-serif; font-size: 10pt\">Drive compliance (SOC 2, ISO 27001) with a focus on auditability, data protection, and governance of AI systems.</span></li>\n<li><span style=\"font-family: Arial, sans-serif; font-size: 10pt\">Act as a security leader — educating teams, shaping best practices, and staying ahead of threats across AI, cloud, and Web3 (smart contracts, key management, bridges).</span></li>\n<li><span style=\"font-family: Arial, sans-serif; font-size: 10pt\">Partner with blockchain/product teams to mitigate risks in decentralized systems.</span><br></li>\n</ul>\n<p><br></p>\n<p><span style=\"color: rgb(31, 77, 120); font-family: Arial, sans-serif; font-size: 12pt; font-weight: bold\">Requirements</span></p>\n<p><span style=\"font-family: arial, helvetica, sans-serif; font-size: 10pt\">We are looking for someone with hands-on experience across both offensive and defensive security disciplines:</span></p>\n<ul>\n<li><span style=\"font-family: arial, helvetica, sans-serif; font-size: 10pt\">Based in APAC, within roughly ±2 hours of Japan Standard Time (JST/UTC+9), e.g., Japan, South Korea, Taiwan, Philippines, eastern Australia, etc. Full daily overlap with Tokyo working hours is required. </span></li>\n<li><span style=\"font-family: Arial, sans-serif; font-size: 10pt\"><span style=\"font-family: arial, helvetica, sans-serif\">5–8 years in security engineering across application, cloud, and infrastru</span>cture security.</span></li>\n<li><span style=\"font-family: Arial, sans-serif; font-size: 10pt\">Strong understanding of crypto/Web3 security (smart contracts, wallet/key management, blockchain attack vectors).</span></li>\n<li><span style=\"font-family: Arial, sans-serif; font-size: 10pt\">Deep hands-on experience securing AWS (IAM, VPC, EKS, S3, EC2) and Kubernetes environments.</span></li>\n<li><span style=\"font-family: Arial, sans-serif; font-size: 10pt\">Proficiency in AppSec (OWASP Top 10, secure SDLC, code reviews) and common security tooling (SAST/DAST, SIEM, secrets management).</span></li>\n<li><span style=\"font-family: Arial, sans-serif; font-size: 10pt\">Solid foundation in network security, cryptography, and auth protocols (OAuth, SAML, MFA).</span></li>\n<li><span style=\"font-family: Arial, sans-serif; font-size: 10pt\">Experience with incident response, threat modelling, and frameworks like MITRE ATT&CK.</span></li>\n<li><span style=\"font-family: Arial, sans-serif; font-size: 10pt\">Familia<span style=\"font-family: arial, helvetica, sans-serif\">rity with compliance standards (SOC 2, ISO 27001, NIST, GDPR).</span></span></li>\n<li><span style=\"font-family: arial, helvetica, sans-serif; font-size: 10pt\">Strong communication skills and ability to operate autonomously.</span></li>\n</ul>\n<p><br></p>\n<p><span style=\"color: rgb(31, 77, 120); font-family: Arial, sans-serif; font-size: 12pt; font-weight: bold\">Nice to have </span></p>\n<ul>\n<li><span style=\"font-family: Arial, sans-serif; font-size: 10pt\">Certifications (CISSP, OSCP, AWS Security, etc.).</span></li>\n<li><span style=\"font-family: Arial, sans-serif; font-size: 10pt\">DevSecOps experience and CI/CD security integration.</span></li>\n<li><span style=\"font-family: Arial, sans-serif; font-size: 10pt\">Experience with Cloudflare, service mesh (Istio), or microservices security.</span></li>\n<li><span style=\"font-family: Arial, sans-serif; font-size: 10pt\">Background in software engineering (Java, Rust, TypeScript).</span></li>\n<li><span style=\"font-family: Arial, sans-serif; font-size: 10pt\">Smart contract auditing or Web3 tooling (Slither, MythX, Certora, on-chain monitoring).</span></li>\n<li><span style=\"font-family: Arial, sans-serif; font-size: 10pt\">Experience building or scaling a security function.</span></li>\n<li><span style=\"font-family: Arial, sans-serif; font-size: 10pt\">Professional fluency in Japanese.</span></li>\n</ul>\n<p><br></p>\n<p><span style=\"color: rgb(31, 77, 120); font-family: Arial, sans-serif; font-size: 12pt; font-weight: bold\">What we offer </span></p>\n<ul>\n<li><span style=\"font-family: Arial, sans-serif; font-size: 10pt\">A high-impact, senior-level role with direct visibility to engineering and company leadership.</span></li>\n<li><span style=\"font-family: Arial, sans-serif; font-size: 10pt\">Ownership over a broad, challenging security mandate with room to shape strategy.</span></li>\n<li><span style=\"font-family: Arial, sans-serif; font-size: 10pt\">Collaborative and engineering-first culture that values security as a core competency.</span></li>\n<li><span style=\"font-family: Arial, sans-serif; font-size: 10pt\">Opportunities for professional development, certifications, and conference attendance.</span></li>\n</ul>",
"compensation": null,
"departmentId": "18458",
"locationType": "1",
"seekPromoted": false,
"jobCategoryId": null,
"jobOpeningName": "Senior Security Engineer",
"departmentLabel": "Engineering",
"jobOpeningStatus": "Open",
"minimumExperience": "Experienced",
"jobOpeningShareUrl": "https://bitcoin.bamboohr.com/careers/31",
"employmentStatusLabel": "Employee (GK)"
}
}Get this page with API
Rendered from the bluedoor Job Postings API. Reproduce it:
GET https://api.bluedoor.sh/job-postings/v1/jobs/690f371c09de4e5bf54dfb593e68192e53e60829?include=descriptionJSONGET https://api.bluedoor.sh/job-postings/v1/orgs/ecabf7c4-2b56-4975-89d9-7b06643a918cJSONGET https://api.bluedoor.sh/job-postings/v1/sources/c504ae09-3493-41d9-aaa1-d2c9b899da4bJSONGET https://api.bluedoor.sh/job-postings/v1/jobs/690f371c09de4e5bf54dfb593e68192e53e60829/eventsJSON