Web Security Engineer

OKX will be prioritising applicants who have a current right to work in Singapore, and do not require OKX's sponsorship of a visa   Who We Are At OKX, we believe that the future will be reshaped by crypto, and ultimately contribute to every individual's freedom. OKX is a leading crypto exchange, and the developer of OKX Wallet, giving millions access to crypto trading and decentralized crypto applications (dApps). OKX is also a trusted brand by hundreds of large institutions seeking access to crypto markets. We are safe and reliable, backed by our Proof of Reserves. Across our multiple offices globally, we are united by our core principles: We Before Me, Do the Right Thing, and Get Things Done. These shared values drive our culture, shape our processes, and foster a friendly, rewarding, and diverse environment for every OK-er. OKX is part of OKG, a group that brings the value of Blockchain to users around the world, through our leading products OKX, OKX Wallet, OKLink and more.     Key Responsibilities

• Responsible for the development and continuous optimization of internal web security capabilities, including intrusion technique research, intrusion behavior analysis, feature extraction, traffic detection modeling, and the development/validation/iteration of detection rules.
• Responsible for verifying and continuously improving the reliability, coverage depth, and breadth of existing security capabilities through red-team and blue-team exercises.
• Responsible for establishing and maintaining the company's internal risk control system, conducting risk analysis to identify risk patterns and features for business risk modeling, providing early warnings and solution planning, and driving product and business process optimization to reduce business risk incidents.
• Participate in intrusion event emergency response, handling, and post-incident review.
  
  

Requirements

• Bachelor’s degree or above in information security, computer science, or related fields.
• Solid foundation in security offensive and defensive knowledge, understanding common vulnerability principles and attack techniques, and familiarity with best practices and common defense solutions.
• Strong experience in data analysis and strategy analysis; experience in risk strategy/data mining is a plus.
• Good learning ability and communication skills.
  
  

Preferred Qualifications

• Experience independently managing penetration testing, intrusion detection capability development and maintenance, traffic detection modeling, and security emergency response.
• Experience in system risk control, technical risk modeling, and related work. Practical experience in threat modeling and risk control is a plus

Perks & Benefits

• Competitive total compensation package.
• L&D programs and Education subsidy for employees' growth and development.
• Various team building programs and company events.
• Wellness and meal allowances.
• Comprehensive healthcare schemes for employees and dependants.
• More that we love to tell you along the process!