Remote Sr. Staff/Principal Security Engineering at OKX
OKX · San Jose, United States of America · Remote
- Senior
Who We Are
About the Opportunity
What You’ll Be Doing
- Lead the design and development of advanced security testing platforms, including large-scale fuzzing frameworks, symbolic execution engines, and AI-powered validation systems.
- Drive secure architecture reviews and threat modeling for critical infrastructure, APIs, smart contracts, and cloud-native services.
- Champion Secure SDLC practices, embedding advanced static/dynamic analysis into CI/CD pipelines and automating vulnerability discovery.
- Research, prototype, and deploy cutting-edge defense mechanisms (e.g., moving target defense, runtime exploit mitigations, advanced key management systems).
- Serve as a subject matter expert on cryptography, data protection, and secure protocols, guiding product and engineering teams.
- Perform deep-dive vulnerability research, root cause analysis, and exploitation modeling across diverse platforms (web, mobile, cloud, automotive, blockchain).
- Mentor senior engineers and collaborate across global teams to establish a security-by-design culture.
- Publish findings, contribute to open-source projects, and represent OKX in external security forums when appropriate.
What We Look For in You
- 12+ years of hands-on experience in security engineering, program analysis, or product security roles.
- Strong expertise in fuzzing, hybrid fuzzing, symbolic execution, or automated vulnerability discovery.
- Proven track record designing and deploying security tools at scale (distributed fuzzing clusters, static analysis platforms, runtime validation frameworks).
- In-depth knowledge of cryptography, secure protocols, data encryption, and key management.
- Solid understanding of application security principles (OWASP, STRIDE, TARA) and exploit techniques.
- Hands-on experience with cloud (AWS/GCP), container security (Docker/Kubernetes), and large-scale distributed systems.
- Proficiency in at least one system-level programming language (Java/C/C++/Rust/Go) and one scripting language (Python/Shell).
- Strong communication and leadership skills, with experience mentoring teams and influencing cross-functional stakeholders.
Nice to Haves
- Experience with blockchain, smart contract security, or cryptographic protocols.
- Contributions to academic research, open-source security tools, or bug bounty programs.
- Security certifications (OSCP, OSWE, CSSLP, CISSP, etc.).
- Published research papers in top-tier conferences (e.g., CCS, USENIX, NDSS, TDSC).
- Fluency in Mandarin is a plus, as the role may involve collaboration with global teams.
Perks & Benefits
- Competitive total compensation package
- L&D programs and education subsidy for continuous growth
- Comprehensive healthcare schemes for employees and dependents
- Wellness and meal allowances
- Various team-building programs and company events
- The salary range for this position is $214,666-313,055.
- The salary offered depends on a variety of factors, including job-related knowledge, skills, experience, and market location. In addition to the salary, a performance bonus and long-term incentives may be provided as part of the compensation package, as well as a full range of medical, financial, and/or other benefits, dependent on the position offered. Applicants should apply via OKX internal or external careers site.