Endpoint Security Engineer

Who We Are

At OKX, we believe that the future will be reshaped by crypto, and ultimately contribute to every individual's freedom. 

OKX is a leading crypto exchange, and the developer of OKX Wallet, giving millions access to crypto trading and decentralized crypto applications (dApps). OKX is also a trusted brand by hundreds of large institutions seeking access to crypto markets. We are safe and reliable, backed by our Proof of Reserves.

Across our multiple offices globally, we are united by our core principles: We Before Me, Do the Right Thing, and Get Things Done. These shared values drive our culture, shape our processes, and foster a friendly, rewarding, and diverse environment for every OK-er.

OKX is part of OKG, a group that brings the value of Blockchain to users around the world, through our leading products OKX, OKX Wallet, OKLink and more.

About the Opportunity

• Build host-based security detection capabilities, including but not limited to malware analysis, intrusion detection rule management, threat modeling, and host behavior baseline modeling for both office and production environments;
• Continuously optimize existing host security policies and detection models; handle threat alerts and incident responses to improve overall detection coverage and accuracy;
• Optimize current host data collection and detection pipelines to enhance the quality and coverage of fundamental host security data; drive consistency and integrity between real-time and offline host data.

• Degree in information security, network security, or computer science, with 3–5 years of experience in host security;
• Familiar with security attack and defense techniques; experienced in building and operating host security systems; in-depth knowledge of intrusion methods and detection techniques for both office and production networks;
• Proficient in macOS and Linux systems, with experience in optimizing host behavior data collection and improving host data quality and integrity;
• Familiar with mainstream APT attack techniques and corresponding detection methods, capable of identifying APT intrusions or attempted attacks in office or production environments;
• Skilled in host security detection in multi-cloud environments; familiar with mainstream EDR products for both office and production networks; candidates with in-house (enterprise-side) host security construction experience are preferred;
• Experience in enterprise-level big data analytics using tools such as Flink, Hive, Spark, ElasticSearch, and Graph technologies; practical experience in using real-time and offline data for threat modeling is a plus;
• Strong logical thinking and communication skills, with solid awareness of compliance and legal considerations.

Perks & Benefits

• Competitive total compensation package
• L&D programs and education subsidy for employees' growth and development
• Various team building programs and company events
• Wellness and meal allowance
• Comprehensive healthcare schemes for employees and dependants
• More that we love to tell you along the process!

#LI-DY #LI-ONSITE