Information Security Manager, Security Operations & Incident Response

Focused on developing products and services for the digital assets sector, Bullish has rewired the traditional exchange to benefit asset holders, enable traders and increase market integrity. Supported by the group’s treasury, Bullish’s new breed of exchange combines deep liquidity, automated market making and industry-leading security and compliance to increase the accessibility of digital assets for investors. Bullish exchange is operated by Bullish (GI) Limited and is fully regulated in Gibraltar.

Mission: To make trading with digital assets more rewarding and secure.​

Vision: To be the most innovative, respected, and trusted leader in crypto.

Reports to:

Position Overview

At Bullish, we prioritize innovation and collaboration, creating an environment where your skills and expertise will thrive. We’re looking for a passionate Information Security Manager to build & lead our Security Operations & Incident Response (SOC/IR) team in the US, acting as the primary escalation point for the region and taking on the critical role of Incident Manager. In this pivotal role, you'll be at the forefront of our security operations, working with a talented, global team dedicated to safeguarding our organization and making a real impact in the industry.

This position is based in NYC and will be required to work onsite from our office based near Union Square.

Responsibilities:

• Lead a dedicated team of SOC/IR analysts, fostering a culture of excellence and continuous improvement.
• Serve as the primary escalation point for security incidents, guiding the team through high-stakes situations as the Incident Manager.
• Oversee the day-to-day activities of our SOC, ensuring that we meet our Service Level Objectives and respond effectively to security incidents.
• Monitor and respond to security incidents, conducting thorough containment and forensic investigations to protect our assets.
• Collaborate with global teams across the organization for seamless security incident response and to enhance our overall security posture.
• Identify gaps from incidents and recommend control improvements, ensuring our processes evolve to meet emerging threats.
• Create and maintain incident response playbooks and Standard Operating Procedures (SOPs) that empower our team to act decisively.
• Analyze security event data for proactive threat hunting, leveraging the latest frameworks and tools.
• Organize and participate in Tabletop and Red/Purple team exercises to bolster our incident response readiness.
• Update policies and procedures as necessary to maintain compliance with regulatory requirements.
• Participate in an on-call rota to provide coverage for security events occurring outside of standard business hours

Experience & Qualifications:

• 7 years of proven experience in Security Operations and Incident Response, with a strong background as an Incident Manager.

• Hands-on experience with SIEM technologies like Splunk and/or Google Chronicle, and familiarity with proactive and reactive threat hunting using MITRE ATT&CK or similar frameworks.

• Understanding of security controls/tools (IDS/IPS, WAF, EDR) and in-depth knowledge of networking protocols, operating systems, and cybersecurity concepts.

• Experience with forensic tools, malware analysis, and familiarity with cloud environments like AWS and GCP will set you apart.

• A BS/BA degree in Cyber Security, Computer Science, or a related field (or equivalent work experience) is desired.

• Relevant certifications such as CISSP, CISM, GCIA, GCIH, or similar are highly advantageous. Additional security certifications from accredited institutions are a plus.

• Excellent verbal and written communication skills with a knack for conveying complex information clearly.

Bullish is proud to be an equal opportunity employer. We are fast evolving and striving towards being a globally-diverse community. With integrity at our core, our success is driven by a talented team of individuals and the different perspectives they are encouraged to bring to work every day.