Senior Security Engineer, Technology Governance and Compliance
Posted on Monday, December 11, 2023
Who We Are
At OKX, we believe the future will be reshaped by technology. Founded in 2017, we are revolutionising world systems through our cutting-edge digital asset exchange, Web3 portal and blockchain ecosystems. We reshape the financial ecosystem by offering some of the most diverse and sophisticated products, solutions, and trading tools on the market. Trusted by more than 50 million users in over 180 countries globally, OKX empowers every individual to explore the world of Web3. With our extensive range of products and services, and unwavering commitment to innovation, OKX envisions a world of financial access backed by blockchain and the power of decentralized finance.
We are innovative in the way we think, work, and in the products we create. We are also socially responsible by actively participating and encouraging employees to take part in various public welfare activities. With more than 3,000 employees around the world, we believe embracing diversity and inclusion will spark the creation of long-term value for the industry. Come Build the Future with Us now!
About the Team
The CISO team provides security advice and guidance to OKX entities across all coverage areas, including global locations support business growth by working with all teams within the company to help them achieve their goals. This team works closely with compliance and legal teams to interpret global requirements for applying for licensing or any regional requirements, and understanding them.
About the Opportunity
Security breaches are the number one cause of death amongst digital currency companies. Security is the core to our mission and has been a key competitive differentiator for us as we scale
As a Security Risk Manager on the CISO team, you will lead and manage multiple initiatives to mature OKX security programs globally. You’ll also have an opportunity to pitch, lead and participate in cross-functional initiatives that uplevel the security of all OKX products and services. This role works horizontally across the business to provide guidance for the design and implementation of key security controls, tools and technologies.
What You'll Be Doing
- Create and maintain solutions that uphold continuous compliance with a broad set of industry security standards and regulations (ISO27001, SOC 1/2, NIST, CIS benchmarks, etc)
- Manage third party security assessments and due diligence requests from regulatory agencies and auditors
- Develop procedures to respond to security and compliance queries from third party providers, partners and internal stakeholders
- Identify and implement tooling to automate processes and workflows that scale security goals and increase efficiency
- Lead cross-functional security efforts in the APAC region, working with Legal, Compliance, Engineering, HR, and Finance
What We Look For In You
- Bachelor's degree in Computer Science, Engineering, or a related technical discipline
- 7+ years executing scalable Security, Risk, and/or Compliance initiatives
- Entrepreneurial spirit, able to working in an exciting and dynamic fast paced environment, with competing priorities
- Strong communication skills with the ability to translate technical security requirements and risks into terms that anyone can understand
- Experience leading crossfunction efforts with operational and technical teams
- Prior involvement in ISO27001, SOC 1/2, NIST 800-53 or other compliance requirements
- Billangual speaking ( English and Chinese) is highly preferred as the team will be working across different regions
Nice to Haves
- CISSP, CISM, CISA or other security certification
- Prior experience with GRC tooling and/or implementation
- Past experience working with crypto platforms
Perks & Benefits
- Competitive total compensation package
- L&D programs and Education subsidy for employees' growth and development
- Various team building programs and company events
- Wellness and meal allowances [delete for remote roles]
- Comprehensive healthcare schemes for employees and dependants [delete for remote roles]
- More that we love to tell you along the process!