Lead Security Management Engineer

Bybit · Remote / APAC

Sector
Fintech
Function
Product & Engineering
Level
Lead
Posted
2026-07-07
Source
greenhouse
Remote
Yes

About Us

Established in 2018, Bybit is one of the world’s leading cryptocurrency exchanges and digital financial platforms, serving over 80 million users across more than 200 countries and regions. Powered by world-class technology and a user-first mindset, Bybit delivers a seamless ecosystem across trading, payments, wealth management, custody, institutional services, and Web3 — connecting users to the future of digital finance.

Our core values define how we build. We listen, care and improve to create products and experiences that put users first. Backed by a global team of ambitious builders, problem-solvers, and innovators, we foster a high-performance and fast-moving environment where talent is empowered to drive real impact at the global scale. Supported by 24/7 multilingual customer service and a strong commitment to innovation, we are shaping the future of finance through technology, collaboration, and bold execution.

Today, Bybit is recognized as one of the most trusted and transparent platforms in the digital asset industry, continuing to expand its global presence while building the infrastructure for the next generation of financial services.

Job responsibilities Regulatory cooperation and audit reception

Cooperate with on-site inspections and remote reviews by reception regulatory agencies (OJK, Bappebti, Kominfo, etc.)

During the Regulatory Scrutiny process, explain the current status, technical architecture, and control measures of the company's information security management system to inspectors

Prepare technical documents and evidence materials required for audit (such as system architecture diagrams, access control instructions, data flow diagrams, etc.)

Track Regulatory Inquiry and Rectification Requirements, coordinate internal team to complete closed loop on time

Pay attention to local regulatory policy dynamics and provide timely feedback to the headquarters security compliance team

Manage server root accounts on demand to ensure root account security.

Construction and maintenance of compliance system

Maintain local compliance system and ensure alignment with headquarters ISMS framework

Perform compliance gap analysis to identify nonconformities and drive corrections

Maintain compliance document library (systems, processes, records, evidence) to ensure audit readiness

Assist with local compliance certification or license application (if applicable)

Security management

Perform compliance site related information security threat and risk assessments and maintain risk registers

Monitor the implementation of compliance station access control policies and regularly review permission assignments

Coordinate compliance station security incident response and ensure incidents are escalated as required (if applicable)

Promote compliance site security awareness training and ensure local employees understand compliance requirements and security specifications

Participate in compliance station supplier security evaluation and third-party risk management

Audit support

Cooperate with internal and external audits (ISO 27001, SOC2, etc.) and prepare evidence materials

Track the progress of rectification found in audits to ensure timely closure

Coordinate the execution and reporting of security evaluation activities such as penetration testing and vulnerability scanning

Job requirements

4-5 years of experience in information security, compliance, or a related field

Experience in regulatory reception or audit support (experience in OJK, Bappebti or Kominfo preferred)

Familiar with information security frameworks (ISO 27001, SOC2, NIST or equivalent standards)

Experience with gap analysis, threat and risk assessment and compliance document management

Understand access control principles, incident response processes, and security awareness training systems

Fluent in Chinese and English listening and speaking, strong written expression ability; those who can speak Indonesian are preferred

Possess XFN coordination skills and be able to communicate effectively with technical and non-technical teams

Careful and rigorous, strong document management and organizational skills

Priority conditions

Have a background in financial technology, cryptocurrency, or Financial Services industry

Hold relevant certifications: CISA, CISSP, ISO 27001 Chief Auditor/Chief Implementer or equivalent qualifications

Experience working with multinational companies and headquarters compliance teams

Why Join UsAt Bybit, we are committed to fostering a supportive and enriching work environment. Our benefits include:- Study Growth Fund: We support your professional development and continuous learning.- Internal Events: Participate in regular team-building activities, workshops, and events designed to promote collaboration and innovation.- Global Collaboration: Be part of a diverse, international team, working alongside colleagues from around the world.- Career Advancement: Access opportunities for growth and advancement within a rapidly expanding global company.- Internal Mobility: Grow with us- Your long-term development is important to us. We offer internal job opportunities to help build your career path.

Apply on greenhouse →
Fintech Product & Engineering