Graduate Hire 2024/25 - Security Engineer (Technology Governance, Certification & Audit)

Graduate Hire 2024/25 - Security Engineer (Technology Governance, Certification & Audit)

Company: OKX

OKX will be prioritising applicants who have a current right to work in Singapore, and do not require OKX's sponsorship of a visa. If you are interested in more than one Supernova role, please apply to your first preference. We will still consider you for all opportunities.

About OKX Graduate Program (Supernova)

The Supernova Program is a 3-year Career Accelerator Program that aims to fast-track high performing graduates into technical experts and future leaders mainly in the fields of Product Engineering, Product Management, and Product Design. As a graduate Security Engineer, you will ensure security and compliance of the OKX platform with millions of daily active users. You will work cross-functionally with design, product, and other engineering teams to identify and assess security and compliance risks, design and develop advanced security and compliance mechanisms, and products.

What You’ll Be Doing

• Organising, coordinating and facilitating audits by working with the auditors and obtaining evidence for audit requests.
• Handling due diligence requests and questionnaires received from regulators and other third parties.
• Supporting business units in developing and maintaining relevant technology-related documentation to support local licensing application and maintenance.
• Identifying technology, security and compliance control gaps and coordinating with stakeholders to resolve the gaps.
• Designing security and compliance controls to meet the requirements of best practices in application security, infrastructure security as well as regulatory compliance.
• Conducting security and control gap assessments, risk assessments, and audits.
• Developing and maintaining high-quality technical, security, and organizational documentation, including policies, standard operating procedures, standards, and guidelines.
• Upholding security and technology best practices and improving efficiency in cross-office/time zone collaboration.
• Collaborating with team members and functional stakeholders to meet control requirements to demonstrate organizational security compliance.

What We Look For In You

• Bachelors in Computer Science, Information Systems, Technology, Engineering, or related technical disciplines.
• Solid knowledge of information security principles, control design, and implementation.
• Holistic risk assessment skills to break down complex infrastructural and procedural issues.
• Compliance first mindset with ability to lead by example for internal and external stakeholders.
• Analytical with a positive problem-solving mindset, proactive team player, and comfortable in navigating ambiguity.

Nice to Haves

• Knowledgeable in the relevant tech stack skillset for the respective specialization.
• Familiarity with the cloud-based Linux environment and distributed architecture.
• Familiarity with Java/Python/Go, and daily developing tools.
• Alibaba Cloud and AWS knowledge and certifications are a strong plus.
• Familiarity with information security risk management and compliance frameworks.
• Proficiency in speaking, reading, and writing in both English and Mandarin.

Perks & Benefits

• Competitive total compensation package
• L&D programs and Education subsidy for employees' growth and development
• Various team building programs and company events
• Wellness and meal allowances
• Comprehensive healthcare schemes for employees and dependants