Who We Are
At OKX, we believe the future will be reshaped by technology. Founded in 2017, we are building the world’s most powerful and reliable crypto trading and Web3 ecosystem. We’ve created a safe, secure, and transparent environment that empowers millions of people to explore crypto. Across our global offices, we’re united by our core principles: We Before Me, Do the Right Thing, and Get Things Done.
We are a team of risk-minded problem solvers and passionate builders who are committed to creating a world of financial access for everyone.
About the Opportunity
As a Senior Staff Security Engineer, you will be a hands-on technical leader responsible for advancing OKX’s product and infrastructure security. You’ll design and deploy cutting-edge solutions across fuzzing, program analysis, applied cryptography, and AI-driven security testing. This role requires strong technical depth, creativity in solving novel security problems, and the ability to influence engineering direction at scale.
This is an opportunity to lead transformative security initiatives in one of the fastest-moving industries while working with a world-class security team.
What You’ll Be Doing
-
Lead the design and development of advanced security testing platforms, including large-scale fuzzing frameworks, symbolic execution engines, and AI-powered validation systems.
-
Drive secure architecture reviews and threat modeling for critical infrastructure, APIs, smart contracts, and cloud-native services.
-
Champion Secure SDLC practices, embedding advanced static/dynamic analysis into CI/CD pipelines and automating vulnerability discovery.
-
Research, prototype, and deploy cutting-edge defense mechanisms (e.g., moving target defense, runtime exploit mitigations, advanced key management systems).
-
Serve as a subject matter expert on cryptography, data protection, and secure protocols, guiding product and engineering teams.
-
Perform deep-dive vulnerability research, root cause analysis, and exploitation modeling across diverse platforms (web, mobile, cloud, automotive, blockchain).
-
Mentor senior engineers and collaborate across global teams to establish security-by-design culture.
-
Publish findings, contribute to open-source projects, and represent OKX in external security forums when appropriate.
What We Look For in You
-
12+ years of hands-on experience in security engineering, program analysis, or product security roles.
-
Strong expertise in fuzzing, hybrid fuzzing, symbolic execution, or automated vulnerability discovery.
-
Proven track record designing and deploying security tools at scale (distributed fuzzing clusters, static analysis platforms, runtime validation frameworks).
-
In-depth knowledge of cryptography, secure protocols, data encryption, and key management.
-
Solid understanding of application security principles (OWASP, STRIDE, TARA) and exploit techniques.
-
Hands-on experience with cloud (AWS/GCP), container security (Docker/Kubernetes), and large-scale distributed systems.
-
Proficiency in at least one system-level programming language (Java/C/C++/Rust/Go) and one scripting language (Python/Shell).
-
Strong communication and leadership skills, with experience mentoring teams and influencing cross-functional stakeholders.
Nice to Haves
-
Experience with blockchain, smart contract security, or cryptographic protocols.
-
Contributions to academic research, open-source security tools, or bug bounty programs.
-
Security certifications (OSCP, OSWE, CSSLP, CISSP, etc.).
-
Published research papers in top-tier conferences (e.g., CCS, USENIX, NDSS, TDSC).
-
Fluency in Mandarin is a plus, as the role may involve collaboration with global teams.
Perks & Benefits
-
Competitive total compensation package
-
L&D programs and education subsidy for continuous growth
-
Comprehensive healthcare schemes for employees and dependents
-
Wellness and meal allowances
-
Various team-building programs and company events
OKX Statement
OKX is committed to equal employment opportunities regardless of race, color, genetic information, creed, religion, sex, sexual orientation, gender identity, lawful alien status, national origin, age, marital status, and non-job related physical or mental disability, or protected veteran status.
