Head of Data Privacy & Engineering Audit
Job Summary
Job Description
OKX is seeking an experienced Head of Data Privacy & Engineering Audit to lead its Internal Audit function. This role involves assessing and assuring data privacy and engineering controls within a leading crypto organization, ensuring data protection, integrity, and compliance. The Head of Data Privacy & Engineering Audit will build and lead a high-performing audit team, drive strategic assurance initiatives, and significantly impact the secure and compliant handling of sensitive data across innovative crypto products and infrastructure. The ideal candidate will have a strong understanding of data analytics, protection, governance, and quality principles in technical and control environments, alongside leadership and analytical skills.
Must have:
- Prior Crypto Exchange/Product Experience
- Strong Critical Thinking & Problem-Solving
- Fundamental Understanding of Blockchain
- Data Analytics/SQL for Blockchain Data
- Data Governance Auditing
- Data Quality Auditing
- Data Security and Privacy Auditing
- Data Modeling and Architecture Auditing
- ETL Process Auditing
- DBMS Auditing
- Risk Management for Data Privacy & Engineering Auditing
- Knowledge of Crypto Regulatory Requirements
Perks:
- Competitive total compensation package
- L&D programs and Education subsidy
- Various team building programs and company events
- Wellness and meal allowances
- Comprehensive healthcare schemes
16 skills required
Job Details
Who We Are
About the Opportunity
OKX is undertaking a significant global team buildout within its Internal Audit function, and we are looking for an experienced and visionary Head of Data Privacy & Engineering Audit. This is a unique opportunity to lead the assessment and assurance of data privacy and engineering controls within a leading crypto organization, ensuring the highest levels of data protection, integrity, and compliance for our global operations. You will build and lead a high-performing audit team, drive strategic assurance initiatives, and directly impact the secure and compliant handling of sensitive data across innovative crypto products and infrastructure.
We are seeking a seasoned IT audit professional with demonstrable experience in independently assessing data privacy and engineering practices within the crypto exchange or crypto product space. The ideal candidate will possess a deep understanding of data analytics, protection, governance, and quality principles applied to novel technical and control environments, coupled with strong leadership and analytical skills.
What You’ll Be Doing
- Lead and manage a global Data Privacy & Engineering Audit team, including hiring and developing individuals across key regions.
- Drive the execution of global audit programs, specifically assessing the design and operating effectiveness of controls over data privacy, data governance, data quality, data security, data modeling, ETL processes, and database management systems.
- Oversee the independent validation of IT incidents related to data privacy and engineering, and provide critical audit support for group-wide IT certifications.
- Collaborate effectively with other functional and regional Internal Audit portfolio leads to provide expert data analytics, privacy, and engineering controls testing and assurance for integrated audits.
- Develop and implement advanced audit methodologies tailored to the unique complexities of managing sensitive data in high-volume, distributed crypto systems, including both on-chain and off-chain data.
- Provide strategic audit insights and independent assurance on emerging data privacy and engineering risks in the cryptocurrency space to senior leadership and the Audit Committee.
What We Look For In You
- Prior Crypto Exchange/Crypto Product Experience is Essential.
- Strong Critical Thinking and Problem-Solving Skills: Capacity to analyze complex, often novel, technical and control environments unique to crypto, identify intricate root causes of issues, and propose effective, context-specific solutions.
- Fundamental Understanding of Blockchain Technology: Basic knowledge of distributed ledger technologies, consensus mechanisms (e.g., PoW, PoS), cryptography (hashing, public-key), and the lifecycle of a cryptocurrency transaction.
- Data Analytics/SQL for Blockchain Data: Advanced ability to perform complex queries, data modeling, and statistical analysis across diverse datasets. This includes analyzing CI/CD pipeline logs, git commit history, dependency manifests, and configuration management logs to identify security vulnerabilities, misconfigurations, and deviations from secure coding standards across the development lifecycle. It also extends to complex data profiling, data quality analysis, identifying sensitive data across both traditional databases and blockchain data, and monitoring data access patterns for security and regulatory compliance in the crypto context.
- Data Governance Auditing: Expertise in independently assessing data governance frameworks that cover both on-chain and off-chain data, ensuring proper classification, ownership, and lifecycle management of sensitive crypto-related information.
- Data Quality Auditing: Ability to independently evaluate data quality controls with a focus on transactional integrity, reconciliation, and consistency across disparate systems (e.g., internal ledgers vs. blockchain explorers).
- Data Security and Privacy Auditing: Critical. Deep understanding of global data privacy regulations and their specific application to crypto assets and user data (e.g., pseudonymity, unmasking on-chain data, handling of KYC/AML data), along with the ability to independently audit compliance with these complex requirements.
- Data Modeling and Architecture Auditing: Strong knowledge of data modeling techniques for both traditional databases and blockchain structures. Ability to independently audit the design and implementation of data architectures that integrate on-chain data, off-chain transactional data, and analytics platforms.
- Extract Transform Load (ETL) Process Auditing: Ability to independently assess the security, integrity, accuracy, and completeness of complex ETL processes that ingest, transform, and load data from blockchain networks, external APIs, and internal systems for reconciliation and analytics.
- Database Management System (DBMS) Auditing: Expertise in independently auditing the security configuration, access controls, logging, and patching of traditional databases and specialized data stores used for blockchain nodes (e.g., LevelDB, RocksDB) and high-performance transactional data.
- Risk Management Principles for Data Privacy & Engineering Auditing: Advanced grasp of risk identification, assessment, mitigation, and monitoring methodologies specifically tailored to the high-stakes, real-time, and often irreversible nature of crypto transactions and sensitive data handling.
- Knowledge of Specific Regulatory Requirements impacting Data Privacy & Engineering: Understanding of specific regulatory requirements impacting crypto exchanges globally (e.g., GDPR, CCPA, anti-money laundering (AML), combating the financing of terrorism (CFT) as per FATF, sanctions compliance, specific licensing requirements for Virtual Asset Service Providers (VASPs)) and how these translate to technical controls relevant to data privacy and engineering.
Perks & Benefits
- Competitive total compensation package
- L&D programs and Education subsidy for employees' growth and development
- Various team building programs and company events
- Wellness and meal allowances
- Comprehensive healthcare schemes for employees and dependants
- More that we love to tell you along the process!
OKX Statement:
OKX is committed to equal employment opportunities regardless of race, color, genetic information, creed, religion, sex, sexual orientation, gender identity, lawful alien status, national origin, age, marital status, and non-job related physical or mental disability, or protected veteran status. Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.
- The salary range for this position is $240,000 - $360,000
- The salary offered depends on a variety of factors, including job-related knowledge, skills, experience, and market location. In addition to the salary, a performance bonus and long-term incentives may be provided as part of the compensation package, as well as a full range of medical, financial, and/or other benefits, dependent on the position offered. Applicants should apply via OKX internal or external careers site.
Apply for this job
*
indicates a required field
