Expert Application Security Engineer (iOS) at OKX

<div data-page-id="TCwTd1XbAo329BxZ8gduOYzzsrg" data-lark-html-role="root" data-docx-has-block-data="false"> <div class="ace-line ace-line old-record-id-XF0hdb5j4oBVqzxuy4ruRikVsdd"><u><strong>About OKX:</strong></u></div> <div class="ace-line ace-line old-record-id-XF0hdb5j4oBVqzxuy4ruRikVsdd">&nbsp;</div> <div class="ace-line ace-line old-record-id-YE6vdE9jGoJlqAxbrb1uP8S7sxf"> <div data-page-id="RpoEdRXrWoavx2xJ5CPu6mmysBc" data-lark-html-role="root" data-docx-has-block-data="false"> <div class="ace-line ace-line old-record-id-RKOAdw3kVoh5EQxcr2juP3i0sTb">At OKX, we believe that the future will be reshaped by Crypto, ultimately contributing to every individual's freedom. OKX began as a crypto exchange giving millions of people access to crypto trading and over time becoming among the largest platforms in the world. In recent years, we have developed one of the most connected Web3 wallets used by millions to access decentralized crypto applications (dApps). OKX is a trusted brand by hundreds of large institutions seeking access to crypto markets on a reliable platform that seamlessly connects with global banking and payments. In the last year, OKX has expanded into new markets including Australia, Brazil, Netherlands, Singapore and Turkey, with plans to launch in the US, Belgium and the UAE.</div> <div class="ace-line ace-line old-record-id-Y9usd0Vc5oLuEZxvabeuEyXOsih">We are deeply committed to shaping a fairer, more transparent and accessible society through blockchain technology. This is why we publish proof of reserves monthly, and continue to ship new innovative security features.</div> </div> </div> <div class="ace-line ace-line old-record-id-YE6vdE9jGoJlqAxbrb1uP8S7sxf">&nbsp;</div> <div class="ace-line ace-line old-record-id-Pp3kdMhBeoys8DxXmCPuao4vszd">&nbsp;</div> <div class="ace-line ace-line old-record-id-D9z3d0yXxoTN9Zxqz1iugGNgs5g"><u><strong>Responsibilities:</strong></u></div> <ul class="list-bullet1"> <li class="ace-line ace-line old-record-id-Fr6ldcIQ8o4iXox4NEquapUMsm3" data-list="bullet"> <div>Identify and address security vulnerabilities in code, systems, and networks using manual review, automated tools, and threat modeling.</div> </li> <li class="ace-line ace-line old-record-id-OMpOdkkbEobBuTxBqZXuCrKOsLg" data-list="bullet"> <div>Manage and optimize application security tools, processes, and alerts.</div> </li> <li class="ace-line ace-line old-record-id-VO4Ldq9OlopP1Txer2UuzPcDsYg" data-list="bullet"> <div>Validate and respond to Bug Bounty submissions.</div> </li> <li class="ace-line ace-line old-record-id-U5zTdCNBNoVbLdxcYAsupppgsxh" data-list="bullet"> <div>Stay informed on the latest offensive security techniques, application security threats, and best practices, and suggest improvements to enhance our security posture.</div> </li> <li class="ace-line ace-line old-record-id-FylAdvnxdoZEaNxxISmutVS6sRb" data-list="bullet"> <div>Produce detailed reports of your findings, present them to both management and technical teams, and contribute to preventing real-world attacks.</div> </li> <li class="ace-line ace-line old-record-id-CSXYdKLewo8fnTxA5Imu2gmBsKg" data-list="bullet"> <div>Collaborate with development teams to implement secure coding practices.</div> </li> <li class="ace-line ace-line old-record-id-JlpJds5EjoXc5RxxkMuuFyUIsXe" data-list="bullet"> <div>Work alongside other teams, including operations and compliance, to ensure that security is a consistent priority across the organization.</div> </li> <li class="ace-line ace-line old-record-id-PRaKdPfyuobfyrx6qfWuBDpDs7b" data-list="bullet"> <div>Participate in incident response and management activities.</div> </li> </ul> <div class="ace-line ace-line old-record-id-OPeRdOeVKod85AxXJPCuHZVCscf">&nbsp;</div> <div class="ace-line ace-line old-record-id-DN1kdOMrtookxnx5vWZuLfsfsUd"><strong>Qualifications:</strong></div> <ul class="list-bullet1"> <li class="ace-line ace-line old-record-id-OnUQdKtpXorXWwxro81ukRyBsTh" data-list="bullet"> <div>3+ years of experience in offensive security techniques.</div> </li> <li class="ace-line ace-line old-record-id-JVdNdS2KoojowsxCctEu1NYrsKJ" data-list="bullet"> <div>In-depth understanding of security risks, vulnerabilities, and concepts in web and mobile applications.</div> </li> <li class="ace-line ace-line old-record-id-Y6FbdFc79oVeEexFK8lu7dFXsaf" data-list="bullet"> <div>Proficient in code review, particularly with <span class="text-only" data-eleid="6">Kotlin/Swift/Typescript/JavaScript, with a strong grasp of application security threats.</span></div> </li> <li class="ace-line ace-line old-record-id-DQZ7dS95RopcsYx3OexuoWm5stc" data-list="bullet"> <div>Ability to create proof-of-concepts (PoCs) to demonstrate vulnerabilities, review patch code for adherence to standards, and collaborate with repository owners and maintainers.</div> </li> <li class="ace-line ace-line old-record-id-OVPNdTMSkok0xNxgHoRu25lCsub" data-list="bullet"> <div>Strong analytical and problem-solving abilities.</div> </li> <li class="ace-line ace-line old-record-id-R6PZd0xaRoCDrLx9O7iu6dt9sJg" data-list="bullet"> <div>Excellent verbal and written communication skills.</div> </li> </ul> <div class="ace-line ace-line old-record-id-Cp5ydL4Y5oaTFMxzbN0uaEJos1e"><u><strong>Nice-to-have:</strong></u></div> <ul class="list-bullet1"> <li class="ace-line ace-line old-record-id-ICJSd1aVTolihlxYeeFuBhzHsId" data-list="bullet"> <div>Prior experience in developing mobile security SDKs with a daily active user base of over ten million is preferred.</div> </li> <li class="ace-line ace-line old-record-id-IlxHdm3b6ozze7xWinVuwSaJsIg" data-list="bullet"> <div>Participated in large-scale business risk control projects, or have practical experience in threat intelligence/business risk prevention, and analysis/countermeasures against black and gray industries.</div> </li> <li class="ace-line ace-line old-record-id-PaDedHkBgoaprXxI6jnuaVyqsT1" data-list="bullet"> <div>In-depth reverse engineering of major apps from first-tier vendors, or other experiences/projects that demonstrate reverse engineering capabilities.</div> </li> <li class="ace-line ace-line old-record-id-UmYKdonaioCEJuxc5x1uqUVosse" data-list="bullet"> <div>Priority given to candidates who can simultaneously master relevant technologies on multiple platforms.</div> </li> <li class="ace-line ace-line old-record-id-HaMKdet9KoQaxcxRivIuBZMAsGb" data-list="bullet"> <div>Proficient in ARM assembly, capable of deep-level countermeasures at the native and application layers.</div> </li> <li class="ace-line ace-line old-record-id-P5icdOL8joZ5xtxDckTuuAC5s3f" data-list="bullet"> <div>Have certain capabilities in device fingerprint recognition, able to simulate new devices through methods such as flashing, modification, and application cloning.</div> </li> </ul> <div class="ace-line ace-line old-record-id-FLJbddDgDoBqSqxQ4fjuJyGqsac">&nbsp;</div> <div class="ace-line ace-line old-record-id-C6ojdd83no6XOexF2FnuJ1dUssd"><u><strong>Perks &amp; Benefits:</strong></u></div> <ul class="list-bullet1"> <li class="ace-line ace-line old-record-id-WtsTdYf41oLDNexoPBGuyZunsid" data-list="bullet"> <div>Competitive total compensation package</div> </li> <li class="ace-line ace-line old-record-id-AeJBdR4x2oW2M2x7mGXuRZ8cskg" data-list="bullet"> <div>L&amp;D programs and Education subsidy for employees' growth and development</div> </li> <li class="ace-line ace-line old-record-id-KJpidDfb2ovEXtxeBPHuB2qhsub" data-list="bullet"> <div>Various team building programs and company events</div> </li> <li class="ace-line ace-line old-record-id-PfSbdHf8WomiMLx343Fu7v4js15" data-list="bullet"> <div>More that we love to tell you along the process!</div> </li> </ul> </div><div class="content-conclusion"><div data-lark-html-role="root"><span class="text-only" data-eleid="18"><span class="text-only"><span class="text-only" data-eleid="6">Notice:<br></span></span></span> <div data-lark-html-role="root"><span class="text-only" data-eleid="26"><span class="text-only">All official </span><span class="text-only text-with-abbreviation text-with-abbreviation-bottomline">OKX</span><span class="text-only"> vacancies are published on this website.</span></span> <span class="text-only" data-eleid="28"><span class="text-only">While roles may appear on selected third-party platforms from time to time, information on other sites may be inaccurate or outdated. </span></span><strong><span class="text-only" data-eleid="29"><span class="text-only">If in doubt, please apply directly through our official careers website.</span></span></strong></div> </div> <div data-lark-html-role="root"><span class="text-only" data-eleid="18"><span class="text-only">Information collected and processed as part of the recruitment process of any job application you choose to submit is subject to&nbsp;</span><span class="text-only text-with-abbreviation text-with-abbreviation-bottomline">OKX</span><span class="text-only">'s </span></span><a class="link rich-text-anchor __anchor-intercept-flag__ text-content-link" href="https://www.okx.com/en-eu/help/okx-candidate-privacy-notice" target="_blank" data-eleid="19" data-lark-is-custom="true" data-lark-link="true">Candidate Privacy Notice</a><span class="text-only" data-eleid="20"><span class="text-only">.</span></span></div></div>