Security Operations Engineer

San Jose, California, United States

OKX

Buy BTC, ETH, XRP and more on OKX, a leading crypto exchange – explore Web3, invest in DeFi and NFTs. Register now and experience the future of finance.

View company page

Who We Are

OKX is revolutionising world systems through our cutting-edge digital asset exchange, Web3 portal and blockchain ecosystems.We are deeply committed to shaping a fairer, more transparent and accessible society through blockchain technology and to date, we have 50+ million users, 3000+ employees and 180+ countries believing in the same vision as us. We are safe and reliable, backed by our Proof of Reserves. As strong supporters of the Arts and Sports, we are proud partners of @McLarenF1 @ManCity @Tribeca.

Security Operations Engineer

As a Security Operations Engineer, you will put in your utmost efforts to secure the OKX platform with millions of daily active users. You will work cross-functionally with design, product, and other engineering teams to identify and assess security risks, design and develop advanced security protective mechanisms and products or deliver high-quality thorough security operations and reinforcements. This is an opportunity to learn the full security life cycle of crypto and Web3 platforms and work along with a top-class security team fighting against worldwide security threats.

What You’ll Be Doing

  • Providing help and consulting to developers on secure coding practices.
  • Conducting security testing and vulnerability assessments, including penetration testing, vulnerability scanning, and code reviews.
  • Conducting routine checks and tests to ensure that all known vulnerabilities are detected and patched.
  • Performing and supporting cyber incident response operations.
  • Conduct security alert monitoring in IDS / EDR / SIEM / Cloud environment.
  • Supporting DLP implementation and response.
  • Conducting incident response and malware handling.
  • Complete malware and event analysis.
  • Keep updated on knowledge of the IT security industry: including awareness of new or revised security solutions, security standards, trends / best practices, offensive techniques and tools.
  • Assisting in establishing infrastructure review processes on network and infrastructure operation.
  • Leading support for deployment and promotion of security products.
  • Collaborate with teams across the globe for process completion.

What We Look For In You

  • 5+ years minimum of Information Security experience in the Financial industry / Tech company / Solution Service provider / SOC environment.
  • Familiar with EDR solution / SIEM integration / IDS system / Cloud / Sandbox / Log Analysis / PCAP Analysis, etc.
  • Familiar with mainstream security products/tools such as: Nessus, AWVS, Appscan, Burp, webInspect, kali, Wireshark etc.
  • Familiar with DLP solutions such as Proofpoint, Forcepoint, Fortinet, Imperva, Digital Guardian, etc.
  • Able to lead and complete malicious event analysis, remediation steps and complete the followup process with responsible engineers.
  • Hands on knowledge of static analysis of suspicious programs , performing behavioral analysis of malicious executables, performing dynamic code analysis of malicious, unpacking malicious software, analyzing Malicious Documents and Scripts.
  • Experience in cybersecurity operations to include Vulnerability Management, Incident Response, Incident Management.
  • Fluency in Mandarin (required) and English.

Nice to Haves

  • Degree in Computer Science or Masters in Information Systems / Technology/ Cybersecurity
  • Comfortable with the cloud-based Linux environment.
  • Experience in penetration tests, intrusion detection capability development, and maintenance, security emergency response, and other related work.
  • Experience in CTF competitions and achieving good results.
  • Having participated in trainings or certifications.
  • Interested in equipping themselves to be full-stack architects and open to rotate amongst specializations. Curious and excited in crypto/ block chain industry.
  • Ability to prioritize risks to the business in real-time.
  • Familiar with cyber security compliance.
  • Excellent analytical and problem-solving skills with attention to detail.
  • Experience with secure coding, SIEM, or DLP technologies.

Perks & Benefits

  • Competitive total compensation package
  • L&D programs and Education subsidy for employees' growth and development
  • Various team building programs and company events
  • Wellness and meal allowances
  • Comprehensive healthcare schemes for employees and dependents 
Okcoin Statement: The salary range for this position is $159,000 to $239,000. The salary offered depends on a variety of factors, including job-related knowledge, skills, experience, and market location. In addition to the salary, a performance bonus and long-term incentives may be provided as part of the compensation package, as well as a full range of medical, financial, and/or other benefits, dependent on the position offered. Applicants should apply via Okcoin and OKX internal or external careers site.   Okcoin is committed to equal employment opportunities regardless of race, color, genetic information, creed, religion, sex, sexual orientation, gender identity, lawful alien status, national origin, age, marital status, and non-job related physical or mental disability, or protected veteran status. Pursuant to the San Francisco Fair Chance Ordinance, we will consider employment-qualified applicants with arrest and conviction records.
Apply now Apply later
  • Share this job via
  • or
Job stats:  4  0  0

Tags: Blockchain Cloud Code analysis Compliance Computer Science Crypto CTF EDR Full stack IDS Incident response Intrusion detection Kali Linux Log analysis Malware Monitoring Nessus PCAP Pentesting SIEM SOC Vulnerabilities Vulnerability management

Perks/benefits: Competitive pay Startup environment Team events Wellness

Region: North America
Country: United States

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.