Job matched to your search
Senior Security Engineer
Bitdeer Technologies Group · Singapore
Free · Join 5,000+ job seekers using Qarera
How well do you match this role?
Tap the skills you already have — then see your real match score, what’s missing, and your resume fixed for this job.
Job description
About Bitdeer:
Bitdeer is a world-leading technology company for Bitcoin mining and AI cloud.
Bitdeer is committed to providing comprehensive Bitcoin mining solutions for its customers. Apart from designing industry-leading ASIC chips and manufacturing mining rigs, the Group handles complex processes involved in computing across the value chain. This includes equipment procurement, transport logistics, datacenter design and construction, equipment management, and network and facility operations. Bitdeer also offers advanced cloud capabilities to customers with a high demand for artificial intelligence.
Headquartered in Singapore, Bitdeer operates globally with a diversified 3 GW energy portfolio, and deploys Bitcoin mining and HPC datacenters in the United States, Bhutan, Norway, Canada, Malaysia, and Ethiopia.
About the team
A security engineer role on the AI Cloud business line, covering four areas: security clause review in customer contracts, SDLC security process design and audit, day-to-day compliance control execution and self-audit, and technical input into insurance work. Also the direct technical contact for customers on security matters. Sits within Development Security & Testing, reports to the Head of Security.
What you will be responsible for:
- Customer contract security clauses — Build and maintain AI Cloud's own standard security clause library , tiered by customer segment. Review customer-proposed redlines, focusing on AI-specific issues — model output liability, training data residency, inference data retention, IP indemnity. Work with Legal and Sales to negotiate technical commitments on encryption strength, RPO/RTO, vulnerability SLAs, right-to-audit scope, and breach notification timelines.
- Customer technical engagement — Handle customer security questionnaires (SIG, CAIQ, custom questionnaires, AI-specific assessments). Attend customer-led security reviews, on-site audits, and assurance calls. Explain our AIDC architecture (InfiniBand isolation, GPU multi-tenancy, BMC, cross-region data flows) in a way customer security teams can validate. Trust Center technical content also lives here.
- SDLC security process — Set up a standard SDLC security flow across AI Cloud product lines: threat modeling, design review, security testing requirements, pre-release sign-off. Checkpoints at design / coding / pre-release / post-release. Quarterly audit of how each product team follows the process; push remediation. Also own the engineering security training (secure coding, threat modeling, AI security) — design once, deliver quarterly.
- Business-line compliance execution & self-audit — Make the SOC 2 / ISO 27001 / ISO 42001 controls actually work on the AI Cloud side — day-to-day execution, evidence collection, internal self-audit, closing findings before external audits. Translate compliance language into concrete things engineering can actually do.
Insurance technical input — Underwriter questionnaires for Cyber / Tech E&O / Property policies need technical input from the AI Cloud side; this role responds. Update risk inputs at renewal (new products, architecture changes, incident history).
*
How you will stand out:
- 6+ years in security, with at least 3 years leaning toward AppSec / Product Security / DevSecOps or security consulting.
- Hands-on with B2B contract security clauses — either drafting standard terms for a product company, or reviewing customer redlines as a vendor.
- Solid on SDLC security: threat modeling (STRIDE/PASTA), secure code review, SAST/DAST/SCA, vulnerability management.
- Working knowledge of SOC 2 / ISO 27001 / NIST CSF — enough to execute controls inside a business line. Not asking for a certification expert, but you should be able to talk to auditors and compliance folks.
- Comfortable with at least one major cloud (AWS / GCP / Azure) at the architecture level — IAM, networking, workload security
More jobs in Singapore
Browse related jobs
Don’t just read the job — see if you’ll get it.
Get your match score, a resume tailored to this exact role, and jobs like it — free.
Check my fit for this job