Senior Security Engineer (Cloud) Taipei BTSE – Info Security / On-site apply for this job About BTSE:
彼特思方舟 is a specialized service provider dedicated to delivering a full spectrum of front-office and back-office support solutions, each of which are tailored to the unique needs of global financial technology firms. 彼特思方舟 is engaged by BTSE Group to offer several key positions, enabling the delivery of cutting-edge technology and tailored solutions that meet the evolving demands of the fintech industry in a competitive global market.
BTSE Group is a leading global fintech and blockchain company that is committed to building innovative technology and infrastructure. BTSE empowers businesses and corporate clients with the advanced tools they need to excel in a rapidly evolving and competitive market. BTSE has pioneered numerous trading technologies that have been widely adopted across the industry, setting new benchmarks for innovation, performance, and security in fintech. BTSE’s diverse business lines serve both retail (B2C) customers and institutional (B2B) clients, enabling them to launch, operate, and scale fintech businesses. BTSE is seeking ambitious, motivated professionals to join our B2C and B2B teams.
We are looking for an Enterprise Security Engineer to manage and secure our enterprise identity and access management infrastructure. This role focuses on protecting enterprise systems, managing user identities, and ensuring secure access to corporate resources. Responsibilities
-Acquire a thorough understanding of the organization's IT and information systems landscape
-Lead security solutioning and design for enterprise IT systems, identifying gaps in existing security architecture and recommending changes or enhancements
-Document and establish enterprise security architecture to improve the security posture of Windows, macOS, and mobile environments
-Collaborate with application and infrastructure owners to define integration initiatives across all externally and internally-facing applications and systems
-Plan architectural improvements and provide guidance to support developers, engineers, and analysts
-Apply risk-based thinking to enable teams to make informed security decisions and prioritize effectively
-Ongoing support of IAM technologies, including single sign-on, multi-factor authentication, and user lifecycle management
-Manage user account lifecycle end-to-end: provisioning, securing, access reviews, and deactivation in accordance with least-privilege principles
-Implement and manage role-based access control (RBAC) strategies and integrations across enterprise applications
-Conduct regular access reviews and certification campaigns to ensure compliance
-Implement and manage privileged access management (PAM) solutions for administrative and service accounts
-Deploy and maintain endpoint security tooling including mobile device management (MDM) and endpoint detection and response (EDR) capabilities
-Administer productivity suite security configurations including data loss prevention, access controls, and email security policies
-Secure cloud infrastructure services including IAM policies, security groups, VPCs, and network access controls
-Implement cloud security best practices around logging, monitoring, and alerting (e.g., CloudTrail, GuardDuty, Security Hub)
-Enforce least-privilege access principles across cloud environments and review permissions regularly
-Support cloud workload protection, encryption key management, and secure configuration baselines
5+ years of experience in enterprise security (Infrastructure/Endpoints)
3+ years of experience in AWS/Cloud Security Roles
Experience with enterprise applications (architecture, development, support, and troubleshooting)
Hands-on experience with IAM administration and SAML/OIDC integrations
Familiarity with Google Workspace administration and security features
Knowledge of Windows, MacOS and Linux Systems (System Administration/Security Hardening)
Experience with PAM solutions
Experience with MDM platforms
Proficiency in scripting and automation languages (Bash, PowerShell, Python)
Experience with Identity Governance and Administration (IGA) platforms
Knowledge of Zero Trust architecture principles
SCIM provisioning and automation experience
Experience with conditional access policies and risk-based authentication
Experience with web3 and blockchain technologies
Relevant certifications: CISSP, CEH, AWS Certified Security Specialty, or equivalent
#LI-MC1 We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us. apply for this job
Qualifications: Senior level, On-site, 5+ years enterprise security experience, 3+ years AWS/Cloud Security experience, Enterprise identity and access management, Enterprise systems protection, User identity management, Corporate resource access security, Enterprise security architecture, IT systems landscape understanding, Security solution design, Security architecture gap identification, Security architecture recommendations, Windows environment security posture, macOS environment security posture, Mobile environment security posture, Application owner collaboration, Infrastructure owner collaboration, Integration initiatives definition, Architectural improvements planning, Developer guidance, Engineer guidance, Analyst guidance, Risk-based thinking, IAM technologies support, Single sign-on, Multi-factor authentication, User lifecycle management, User account lifecycle management, Provisioning, Securing, Access reviews, Deactivation, Least-privilege principles, Role-based access control (RBAC), RBAC integrations, Access certification campaigns, Privileged Access Management (PAM), Endpoint security tooling deployment, Endpoint security tooling maintenance, Mobile Device Management (MDM), Endpoint Detection and Response (EDR), Productivity suite security configuration, Data loss prevention, Access controls, Email security policies, Cloud infrastructure security, AWS security, IAM policies, Security groups, VPCs, Network access controls, Cloud security best practices, Logging, Monitoring, Alerting, CloudTrail, GuardDuty, Security Hub, Cloud least-privilege access, Permissions review, Cloud workload protection, Encryption key management, Secure configuration baselines, Enterprise applications architecture experience, Enterprise applications development experience, Enterprise applications support experience, Enterprise applications troubleshooting experience, IAM administration, SAML/OIDC integrations, Google Workspace administration, Google Workspace security features, Windows Systems knowledge, MacOS Systems knowledge, Linux Systems knowledge, System Administration, Security Hardening, Scripting proficiency (Bash, PowerShell, Python) a plus, Identity Governance and Administration (IGA) platforms experience a plus, Zero Trust architecture principles knowledge a plus, SCIM provisioning experience a plus, Conditional access policies experience a plus, Risk-based authentication experience a plus, Web3 technologies experience a plus, Blockchain technologies experience a plus, CISSP certification a plus, CEH certification a plus, AWS Certified Security Specialty a plus