Security Governance Engineer

Confirmed live in the last 24 hours

OKX

Hong Kong, Hong Kong SAR

Hybrid

Posted March 23, 2026

Job Description

Who We Are

At OKX, we believe that the future will be reshaped by crypto, and ultimately contribute to every individual's freedom.

OKX is a leading crypto exchange, and the developer of OKX Wallet, giving millions access to crypto trading and decentralized crypto applications (dApps). OKX is also a trusted brand by hundreds of large institutions seeking access to crypto markets. We are safe and reliable, backed by our Proof of Reserves.

Across our multiple offices globally, we are united by our core principles: We Before Me, Do the Right Thing, and Get Things Done. These shared values drive our culture, shape our processes, and foster a friendly, rewarding, and diverse environment for every OK-er.

OKX is part of OKG, a group that brings the value of Blockchain to users around the world, through our leading products OKX, OKX Wallet, OKLink and more.

Responsibilities:

Security Risk Discovery & Assessment

Security Architecture Review: Conduct comprehensive security architecture assessments for new and existing systems using Threat Modeling methodologies to identify structural vulnerabilities before they go live.
AI & MCP Security Assessment: Evaluate the security posture of Artificial Intelligence implementations, specifically focusing on MCP integrations, LLM interactions, and AI Agent permissions to prevent prompt injection, unauthorized data access, and excessive agency.
Access Control Assessment: Evaluate permission control mechanisms across enterprise systems to identify over-provisioning and control deficiencies.
Cloud Infrastructure Review: Audit cloud platform configurations and overall architecture to detect potential security vulnerabilities.
Data Flow Analysis: Evaluate technical safeguards during critical data flows to uncover leakage risks.
System Review: Conduct comprehensive system security reviews and design robust security hardening solutions.