Security Operations Engineer

Who We Are

Okcoin is one of the world’s largest and fastest growing cryptocurrency exchanges. We help millions of people buy and sell bitcoin, and over 30 other crypto assets every day — but our work is a whole lot more than that. We’re building an inclusive future of finance, one that opens new opportunities to learn financial literacy, store value, and build wealth for everyone.

Ready to help the next billion people experience the future of finance with us? Come on board. We have offices in San Francisco, Miami, Malta, Hong Kong, Singapore and Japan. Even though this role is listed in San Francisco, we are remote friendly and believe in you working wherever you work best.

About the Team 

The Information Security team is responsible for the overall security compliance of Okcoin to ensure we properly protect our and our customers’ information and data, ensure we are compliant with various security compliance frameworks and regulations.

About the Opportunity

As Security Operations Engineer, you have the opportunity to help build and enhance our information security operation program to secure our platform, protect our and our customers’ data and establish a solid security IT environment.

You will be challenged to provide guidance for developing, implementing, and monitoring a strategic, comprehensive Okcoin global cybersecurity and IT risk management program.

You will work with various internal groups to support all information security-related activities.  You will make recommendations to improve the information security operation program based on the security monitoring, incident response, vulnerability scan, penetration testing, regulation examinations, audits, and 3rd party reviews.

You will also have the opportunity to promote security awareness among Okcoin employees.

The successful candidate will thrive in a fast-paced, collaborative, process-driven environment and be able to adapt and adjust plans on-the-fly. You must also have strong prioritization skills and a willingness to roll up one's sleeves to get the job done.

What You’ll Be Doing:

• Set up and maintain information security operation program
• Be the first line defender for all information security-related issues, including incident response, monitor our production platform, respond to alerts from various monitor systems
• Provide strategic recommendations to enhance processes, procedures, governance approaches, and compliance, including assistance with external and internal auditing, technical reviews, license applications, and identification of security risks
• Help to assess security-related documents under 3rd party vendor security review
• Evaluate and recommend information security solutions for enhancing the security of our platform
• Provide training to Okcoin employees on company-wide IT-related policies/procedures
• Manage the execution of special assignments and projects as directed

What We Look For In You:

• 3+ years of experience as a Security Operations Engineer or similar role
• Demonstrated track record of experience in vulnerability and penetration testing tools, general SOC operations, SIEM, DLP, and at least one scripting language
• Hands-on infrastructure as code experience and including scripting capabilities
• Experience in threat hunting, attack methodologies, tactics, protocols, perimeter, web, and application security
• 2+ years of industry experience in security and governance with an understanding of NIST, CIS, ISO, SOC2, PCI, HIPAA, GDPR, CCPA/CPRA
• Knowledge of security controls (e.g. Logical access, SSO, Anti-Malware, Firewalls, IDS/IPS, VPN, Web Content Filters, Proxies, DLP, SIEM, Log aggregation, etc.) 
• Working knowledge of common enterprise applications/tools such as Okta, JAMF, CrowdStrike, Google Workspace, VPN 
• Strong conceptual thinking and communication skills - the ability to translate complex business and technical requirements into effective and comprehensible solutions

Nice to Haves:

• Bachelor’s degree in computer science, or equivalent work experience required.
• Knowledge in AWS, Kubernetes, patch, incident response, forensics, vendor, and data management
• Experience working with teams across offices and time zones.
• Fluent in Mandarin and English

Highlights of Perks and Benefits:

• Market competitive total compensation package
• Comprehensive insurance package including medical, dental, vision, disability & life insurance (Company pays 100% for employee/80% for dependents)
• 401K with company contribution
• Flexible PTO policy, company paid holidays, and flexible hours
• UberEats Program
• Paid Parental Leave
• Employee Referral Bonus Program paid in BTC
• Company Donation Match
• More surprises when you join!

Okcoin Statement:

Okcoin is committed to equal employment opportunities regardless of race, color, genetic information, creed, religion, sex, sexual orientation, gender identity, lawful alien status, national origin, age, marital status, and non-job related physical or mental disability, or protected veteran status. Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.