Cloud Security Engineer, EU

Who We Are

At OKX, we believe that the future will be reshaped by crypto, and ultimately contribute to every individual's freedom.

OKX is a leading crypto exchange, and the developer of OKX Wallet, giving millions access to crypto trading and decentralized crypto applications (dApps). OKX is also a trusted brand by hundreds of large institutions seeking access to crypto markets. We are safe and reliable, backed by our Proof of Reserves.

Across our multiple offices globally, we are united by our core principles: We Before Me, Do the Right Thing, and Get Things Done. These shared values drive our culture, shape our processes, and foster a friendly, rewarding, and diverse environment for every OK-er.

About the Opportunity

The Security team plays a critical role in safeguarding our infrastructure, data, and users as we build a secure and resilient platform for digital asset transactions. As a Cloud Security Expert, you will be part of a high-performing team responsible for shaping and enforcing cloud security architecture across global deployments, with a focus on regulatory compliance and collaboration. You will work closely with local regulators and internal stakeholders to ensure that our cloud environment on AWS meet stringent security and governance standards. Reporting directly to the Regional CISO based in the EU, you will contribute to the strategic direction of our security initiatives, driving improvements in policy, risk management, and architectural design. Innovation, transparency, and partnership with engineering teams are central to how we operate. Join us and help define the future of secure cryptocurrency infrastructure.

Responsibilities:

• Act as the primary liaison with local regulators and auditors to ensure compliance with applicable regulations and standards
• Perform threat modeling and risk assessments for cloud deployments and major architectural changes
• Design and implement secure, scalable, and resilient cloud security architectures across AWS and AliCloud environments
• Lead the development and ongoing refinement of cloud security frameworks, controls, and policies aligned with industry best practices (e.g., NIST, CIS, ISO 27001)
• Define and enforce secure configuration baselines for cloud resources, including IAM, VPC, KMS, and logging
• Cooperate with internal security and incident response teams during cloud-related investigations and assist in containment, remediation, and root cause analysis
• Drive implementation of monitoring, detection, and response mechanisms using modern cloud-native security tools
• Collaborate with engineering and infrastructure teams to embed security into cloud-native services and automation workflows
• Support cross-functional teams including legal, compliance, and business stakeholders in security-related reviews and regulatory inquiries
• Track emerging cloud security threats, regulatory changes, and best practices to proactively evolve the organization’s security posture

Requirements:

• Bachelor’s degree in Computer Science, Information Security, or equivalent practical experience
• Proven experience designing and implementing secure cloud solutions on AWS and AliCloud
• Strong knowledge of cloud-native security components such as IAM policies, security groups, encryption (KMS), S3 bucket policies, and VPC architecture
• Hands-on experience working with AliCloud security services, including Resource Access Management (RAM), ActionTrail, and Security Center
• Experience working with regulators, auditors, or compliance teams, particularly in jurisdictions with strong regulatory oversight (e.g., Singapore, Hong Kong, Malta, and other European financial or data protection authorities)
• Experience liaising with distributed cloud engineering teams across the APAC region
• Solid understanding of security frameworks and standards such as NIST, ISO 27001, CIS Benchmarks, and PCI-DSS
• Familiarity with Infrastructure-as-Code tools like Terraform or AliCloud ROS
• Experience with SIEM, CSPM etc tools for continuous monitoring and reporting
• Strong communication skills to convey security risks, requirements, and technical recommendations clearly
• Fluent in English, both written and spoken

Preferred Qualifications:

• Experience in regulated industries such as Financial Services with experience in FinTech, Crypto, regulated media
• Prior engagement in regulatory audits, assessments, or compliance programs (e.g., MAS TRM, HKMA C-RAF, Malta’s MFSA, EU GDPR, or other European supervisory frameworks)
• Familiarity with AliCloud-native security tools and policies, including DataWorks security features, MaxCompute access controls, and Cloud Config
• Relevant certifications such as AWS Security Specialty, AliCloud ACA/ACP Security, CISSP, or CCSP
• Experience working with cross-functional teams across multiple time zones