Head of Cybersecurity Audit

1 Month ago • All levels • Cyber Security • $240,000 PA - $360,000 PA

Job Summary

Job Description

OKX is seeking an experienced and visionary Head of Cybersecurity Audit to lead its global cybersecurity audit function. This role involves building and leading a high-performing team, driving strategic initiatives, and directly impacting the security posture of innovative crypto products and infrastructure. The ideal candidate will possess a deep understanding of cybersecurity and audit principles applied to novel technical and control environments within the crypto exchange or crypto product space, coupled with strong leadership and analytical skills. The responsibilities include leading and managing a global cybersecurity audit team, driving the cybersecurity audit strategy and risk monitoring program, executing global Information Security audit programs, overseeing IT incident validations, and collaborating with functional and regional leads for IT security controls testing.
Must have:
  • Lead Cybersecurity Audit Teams in Crypto
  • Strong Critical Thinking & Problem-Solving
  • Understand Blockchain Technology
  • Proficiency in Data Analytics/SQL for Security
  • Security Auditing & Compliance Expertise
  • VAPT Interpretation & Oversight for Crypto
  • Incident Response & Forensics for Crypto
  • Network Security for Crypto Infrastructure
  • Cloud Security for Distributed Crypto Systems
  • SIEM for Blockchain & Crypto Systems
  • Knowledge of Cyber Threat Landscape
  • Risk Management Principles for Cybersecurity
  • Knowledge of Crypto Regulatory Requirements
Perks:
  • Competitive total compensation package
  • L&D programs and Education subsidy
  • Team building programs and company events
  • Wellness and meal allowances
  • Comprehensive healthcare schemes for employees and dependents

Job Details

Who We Are

At OKX, we believe that the future will be reshaped by crypto, and ultimately contribute to every individual's freedom. OKX is a leading crypto exchange, and the developer of OKX Wallet, giving millions access to crypto trading and decentralized crypto applications (dApps). OKX is also a trusted brand by hundreds of large institutions seeking access to crypto markets. We are safe and reliable, backed by our Proof of Reserves. Across our multiple offices globally, we are united by our core principles: We Before Me, Do the Right Thing, and Get Things Done. These shared values drive our culture, shape our processes, and foster a friendly, rewarding, and diverse environment for every OK-er. OKX is part of OKG, a group that brings the value of Blockchain to users around the world, through our leading products OKX, OKX Wallet, OKLink and more.
 

About the Opportunity

OKX is undertaking a significant global team buildout, and we are looking for an experienced and visionary Head of Cybersecurity Audit to lead this critical function. This is a unique opportunity to shape the cybersecurity audit landscape within a leading crypto organization, ensuring the highest levels of security and compliance for our global operations. You will build and lead a high-performing team, drive strategic initiatives, and directly impact the security posture of innovative crypto products and infrastructure.
 
We are seeking a seasoned cybersecurity audit professional with demonstrable experience in the crypto exchange or crypto product space. The ideal candidate will possess a deep understanding of cybersecurity and audit principles applied to novel technical and control environments, coupled with strong leadership and analytical skills. Ability to work effectively across time zones given the global nature of the organization and the audit team.
 

What You’ll Be Doing

  • Lead and manage a global cybersecurity audit team, including driving the cybersecurity audit strategy and risk monitoring program.
  • Drive the execution of global Information Security audit programs, ensuring comprehensive coverage and adherence to best practices.
  • Oversee IT incident validations and provide critical support for group-wide IT certifications.
  • Collaborate effectively with functional and regional portfolio leads to provide expert IT security controls testing support for integrated audits.
  • Develop and implement advanced audit methodologies tailored to the unique complexities of blockchain technology, crypto exchanges, and decentralized systems.
  • Provide strategic guidance and insights on emerging cybersecurity risks and controls in the cryptocurrency space to senior leadership.
 

What We Look For In You

  • Prior Experience Leading Cybersecurity Audit Teams in the Crypto Exchange/Crypto Product Space is Essential.
  • Strong Critical Thinking and Problem-Solving Skills: Capacity to analyze complex, often novel, technical and control environments unique to crypto, identify intricate root causes of issues, and propose effective, context-specific solutions.
  • Fundamental Understanding of Blockchain Technology: Basic knowledge of distributed ledger technologies, consensus mechanisms (e.g., PoW, PoS), cryptography (hashing, public-key), and the lifecycle of a cryptocurrency transaction.
  • Data Analytics/SQL for Deep Security Analysis: Proficiency in querying and analyzing large volumes of security logs, blockchain transaction data, wallet addresses, vulnerability scan outputs, penetration test results, and threat intelligence feeds to identify sophisticated attack patterns, anomalies, and potential illicit activities unique to crypto.
  • Security Auditing and Compliance: Deep understanding of common cybersecurity frameworks (e.g., NIST CSF, ISO 27001) applied within the unique risk context of a crypto exchange. Ability to assess compliance with emerging crypto-specific security standards and regulatory guidance.
  • Vulnerability Assessment & Penetration Testing (VAPT) Interpretation & Oversight for Crypto Assets: Ability to plan, scope, interpret, and assess the remediation effectiveness of VAPTs specifically targeting blockchain infrastructure, smart contracts, exchange platforms, and wallet security.
  • Incident Response & Forensics for Crypto Incidents: Expertise in incident response lifecycles and forensic investigation techniques specifically tailored for crypto incidents (e.g., fund misappropriation, smart contract exploits, private key compromises, denial-of-service on nodes).
  • Network Security for High-Value Crypto Infrastructure: Advanced expertise in evaluating highly resilient and secure network architectures for crypto exchanges, including multi-layer defenses, DDoS mitigation for high-volume transactions, and secure connectivity to blockchain nodes and custodians.
  • Cloud Security for Distributed Crypto Systems: In-depth understanding of cloud security principles and ability to audit complex cloud deployments hosting distributed ledger nodes, hot/cold wallet infrastructure, and high-performance trading engines across multiple cloud providers.
  • Security Information and Event Management (SIEM) for Blockchain and Crypto Systems: Ability to assess the configuration, correlation rules, and alerting mechanisms of SIEM solutions specifically integrated with blockchain nodes, off-chain transaction systems, and crypto-specific logs to detect sophisticated threats.
  • Understanding of Cyber Threat Landscape & Attack Vectors: In-depth knowledge of unique attack vectors targeting crypto exchanges (e.g., flash loan attacks, reentrancy attacks, oracle manipulation, phishing for private keys, supply chain attacks on blockchain software) and the specific techniques used by threat actors in this space.
  • Risk Management Principles for Cybersecurity: Advanced grasp of cybersecurity risk identification, assessment, mitigation, and monitoring methodologies specifically tailored to the high-stakes, real-time, and often irreversible nature of crypto transactions.
  • Knowledge of Specific Regulatory Requirements: Understanding of specific regulatory requirements impacting crypto exchanges globally (e.g., anti-money laundering (AML), combating the financing of terrorism (CFT) as per FATF, sanctions compliance, specific licensing requirements for Virtual Asset Service Providers (VASPs) and how these translate to technical controls.
 
Perks & Benefits 
  • Competitive total compensation package
  • L&D programs and Education subsidy for employees' growth and development
  • Various team building programs and company events
  • Wellness and meal allowances
  • Comprehensive healthcare schemes for employees and dependants
  • More that we love to tell you along the process!
 
OKX Statement:
OKX is committed to equal employment opportunities regardless of race, color, genetic information, creed, religion, sex, sexual orientation, gender identity, lawful alien status, national origin, age, marital status, and non-job related physical or mental disability, or protected veteran status. Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.
 
  • The salary range for this position is $240,000 - $360,000
  • The salary offered depends on a variety of factors, including job-related knowledge, skills, experience, and market location. In addition to the salary, a performance bonus and long-term incentives may be provided as part of the compensation package, as well as a full range of medical, financial, and/or other benefits, dependent on the position offered. Applicants should apply via OKX internal or external careers site.

Similar Jobs

Rockstar Games - Senior Physics Programmer

Rockstar Games

Edinburgh, Scotland, United Kingdom (On-Site)
2 Months ago
Everi - Field Service Technician – Be the Power Behind the Play

Everi

Louisville, Kentucky, United States (Hybrid)
2 Weeks ago
Capgemini - System Integrator - Zabbix

Capgemini

Bengaluru, Karnataka, India (On-Site)
1 Month ago
C3 IoT - Senior Unity Engineer, Mixed Reality

C3 IoT

Redwood City, California, United States (On-Site)
4 Weeks ago
Rockstar Games - Graphics Programmer

Rockstar Games

Oakville, Ontario, Canada (On-Site)
4 Months ago
Anavation - Security Engineer

Anavation

Washington, District Of Columbia, United States (On-Site)
2 Months ago
Jane Street - Cybersecurity Detection and Response Analyst

Jane Street

Hong Kong (On-Site)
2 Months ago
Rocket studio - Senior/Expert Security Specialist (IT)

Rocket studio

Warsaw, Masovian Voivodeship, Poland (Hybrid)
3 Months ago
Unisys - Senior Cybersecurity Consultant in the Financial Sector (Future project)

Unisys

Bogotá, Bogota, Colombia (On-Site)
1 Week ago
Rackspace Technology - Network Security Engineer III

Rackspace Technology

Gurugram, Haryana, India (Remote)
1 Month ago

Get notifed when new similar jobs are uploaded

Similar Skill Jobs

Pay2 - Engineering Manager (Java Background)

Pay2

Gurugram, India (On-Site)
3 Months ago
Hitachi - Senior Offshore Azure Infrastructure - EST Shift

Hitachi

Pune, Maharashtra, India (On-Site)
9 Months ago
Inveniolsi - SAP BRF+ Consultant

Inveniolsi

India (On-Site)
1 Week ago
Sailpoint - Senior Consultant: Expert Services

Sailpoint

Pune, Maharashtra, India (On-Site)
1 Year ago
Skydance - Environment Surfacing Trainee

Skydance

Madrid, Community Of Madrid, Spain (On-Site)
1 Week ago
Apple - Power UPF Methodology Engineer

Apple

Beaverton, Oregon, United States (On-Site)
1 Month ago
Alpha Sense - Senior AI Engineer

Alpha Sense

Bengaluru, Karnataka, India (On-Site)
2 Months ago
Intel  - Facilities Technician Intern

Intel

Santa Clara, California, United States (On-Site)
1 Year ago
Larian Studios - GRAPHICS PROGRAMMER

Larian Studios

Quebec, Canada (On-Site)
7 Months ago
Enphase Energy - Senior Staff Systems Engineer

Enphase Energy

Bengaluru, Karnataka, India (On-Site)
1 Month ago

Get notifed when new similar jobs are uploaded

Jobs in San Jose, California, United States

entrata - Business Consultant

entrata

Lehi, Utah, United States (Hybrid)
1 Month ago
AECOM - Highway Engineering Technical Lead

AECOM

Mechanicsburg, Pennsylvania, United States (Hybrid)
1 Month ago
Xplor Technologies - Senior Sales Executive of ISV Partnerships – Payment Solutions

Xplor Technologies

Atlanta, Georgia, United States (Remote)
1 Month ago
Clearwater Analytics - Associate General Counsel

Clearwater Analytics

Boise, Idaho, United States (On-Site)
1 Year ago
WebTech Corporation - Assembler I

WebTech Corporation

Buffalo Grove, Illinois, United States (On-Site)
2 Months ago
The E.W. Scripps Company - Account Executive, KGUN

The E.W. Scripps Company

Tucson, Arizona, United States (On-Site)
2 Weeks ago
OKX - Associate General Counsel, Web3

OKX

Austin, Texas, United States (On-Site)
1 Month ago
Apple - Senior ML Engineer - Generative AI, Siri Agent Modeling

Apple

Sunnyvale, California, United States (On-Site)
3 Months ago
Valve corporation - Effects Artist

Valve corporation

Bellevue, Washington, United States (On-Site)
8 Months ago
Apple - Cross-Platform (iOS/macOS/watchOS/visionOS/iPadOS) Software Developer - Maps Experiences

Apple

Culver City, California, United States (On-Site)
2 Months ago

Get notifed when new similar jobs are uploaded

Cyber Security Jobs

PayPal - Manager, Cybersecurity Risk

PayPal

San Jose, California, United States (On-Site)
2 Weeks ago
 Dassault Systèmes - Cyber Threat Intelligence Analyst

Dassault Systèmes

Vélizy-Villacoublay, Île-de-France, France (On-Site)
3 Years ago
LeoVegas - Senior Information Security GRC Analyst

LeoVegas

Sliema, Malta (On-Site)
4 Weeks ago
Jane Street - Cybersecurity Engineering - Threat Modelling

Jane Street

Hong Kong (On-Site)
2 Months ago
Rackspace Technology - Sr. Cloud Security Engineer

Rackspace Technology

United States (Remote)
1 Week ago
Interactive Brokers - Client Operations Security and Fraud Prevention Analyst (Mandarin Speaker)

Interactive Brokers

Budapest, Hungary (On-Site)
1 Month ago
Jane Street - Cybersecurity Analyst

Jane Street

New York, United States (On-Site)
1 Week ago
Cadence - IT- Staff Software Security Engineer

Cadence

Noida, Uttar Pradesh, India (On-Site)
2 Months ago
Arkose Labs - Security Analyst

Arkose Labs

Brisbane, Queensland, Australia (Hybrid)
2 Months ago
bytedance - Security Systems Engineer, Fleet Management

bytedance

Singapore (On-Site)
6 Months ago

Get notifed when new similar jobs are uploaded

About The Company

OKX is a world-leading digital asset exchange, providing advanced financial services to traders worldwide leveraging blockchain technology. Our platform offers spot & derivatives trading helping traders optimize their strategy. It provides a safe, reliable and stable environment for digital assets trading via web interface and mobile app by adopting GSLB, and distributed server clusters. We believe blockchain technology will eliminate barriers to transactions, increase the efficiency of transactions across society, and eventually have a significant impact on the global economy. We strive to achieve something that changes the world and never stop to innovate and improve on our customer experience.

Kuala Lumpur, Federal Territory Of Kuala Lumpur, Malaysia (On-Site)

San Jose, California, United States (On-Site)

Kuala Lumpur, Federal Territory Of Kuala Lumpur, Malaysia (On-Site)

Kuala Lumpur, Federal Territory Of Kuala Lumpur, Malaysia (On-Site)

Kuala Lumpur, Federal Territory Of Kuala Lumpur, Malaysia (On-Site)

San Jose, California, United States (On-Site)

San Jose, California, United States (On-Site)

View All Jobs

Get notified when new jobs are added by OKX

Level Up Your Career in Game Development!

Transform Your Passion into Profession with Our Comprehensive Courses for Aspiring Game Developers.

Job Common Plug