Security Engineer (Data & Endpoint Security)

OKX • Full-time • Hong Kong, Hong Kong SAR • 9h ago

Who We Are

At OKX, we believe that the future will be reshaped by crypto, and ultimately contribute to every individual's freedom.

OKX is a leading crypto exchange, and the developer of OKX Wallet, giving millions access to crypto trading and decentralized crypto applications (dApps). OKX is also a trusted brand by hundreds of large institutions seeking access to crypto markets. We are safe and reliable, backed by our Proof of Reserves.

Across our multiple offices globally, we are united by our core principles: We Before Me, Do the Right Thing, and Get Things Done. These shared values drive our culture, shape our processes, and foster a friendly, rewarding, and diverse environment for every OK-er.

OKX is part of OKG, a group that brings the value of Blockchain to users around the world, through our leading products OKX, OKX Wallet, OKLink and more.

About the Opportunity

Job Responsibilities

Data Security (Optional Focus Area)

Develop and enhance enterprise data security detection capabilities, including but not limited to DLP, sensitive data identification, data encryption/decryption, and data masking.
Continuously validate and optimize existing data security rules, models, and detection strategies to improve coverage and accuracy.
Participate in data security incident identification, response, investigation, and forensics.
Build and maintain data asset maps; use graph-based techniques to trace data flows and identify risks of sensitive data exfiltration.
Use enterprise data platforms to perform risk analytics, anomaly detection, and data-focused threat modeling.

Endpoint / Host Security (Optional Focus Area)

Build and improve host-based detection capabilities, including malware analysis, intrusion detection, threat modeling, and host behavior baseline modeling across office and production environments.
Continuously refine host security policies and detection models to improve detection performance and reduce false positives.
Handle host security alerts and incident response end-to-end.
Enhance endpoint data collection pipelines to improve data completeness, integrity, and real-time coverage.
Detect and analyze APT attacks and attempted intrusions across multi-cloud and hybrid environments; support endpoint security architecture improvements.

Job Requirements

Core Requirements

Bachelor’s degree or above in Information Security, Network Security, Computer Science, or related fields; 3–5+ years of experience in data security or host security.
Strong understanding of security attack/defense techniques and enterprise security system design.
Hands-on experience with data security or endpoint security products (e.g., DLP, EDR, UEBA, sensitive data identification).
Proficiency in macOS and Linux systems; experience with enterprise endpoint protection solutions.
Familiarity with big data analytics platforms such as Flink, Spark, Hive, Elasticsearch, and graph analysis technologies.
Strong analytical thinking, communication skills, and a solid understanding of compliance and legal obligations in security operations.

Preferred Qualifications (Any of the Below)

Experience designing endpoint data protection or host agent solutions.
Experience detecting or analyzing APT attacks in enterprise environments.
Experience in data lineage analysis, graph-based security analytics, or sensitive data flow tracing.
Hands-on experience with security data models, detection rule engines, or in-house security product development.
Prior experience building or operating host/data security systems within an enterprise security team.

Perks & Benefits

Competitive total compensation package
L&D programs and education subsidy for employees' growth and development
Various team building programs and company events
Wellness and meal allowance
Comprehensive healthcare schemes for employees and dependants
More that we love to tell you along the process!

#LI-DY #LI-ONSITE

Notice:All official OKX vacancies are posted on this site. We are not affiliated with other third-party job boards except Linkedin.com, listings on other sites may be inaccurate or outdated. This is the only source of truth for applications.

Information collected and processed as part of the recruitment process of any job application you choose to submit is subject to OKX's Candidate Privacy Notice.