Senior Engineer, Vulnerability Scanner at OKX
Hong Kong, Hong Kong SAR; Singapore, SingaporeFull-timeEngineeringPosted 12 days ago
About the Role
<div data-page-id="AEW3d0Y2noLuIcxROuFubTLpsZd" data-docx-has-block-data="false">
<div class="ace-line ace-line old-record-id-doxuseysYUio6Qia64JLLAwE7dh">
<div data-page-id="doxusokjWsaOkSCIjzixAfRM3sd" data-docx-has-block-data="false">
<div class="ace-line ace-line old-record-id-doxusaUYeCmu82WSkkm5KDd00db">
<div data-page-id="AEW3d0Y2noLuIcxROuFubTLpsZd" data-docx-has-block-data="false">
<div data-page-id="AEW3d0Y2noLuIcxROuFubTLpsZd" data-docx-has-block-data="false">
<div class="ace-line ace-line old-record-id-doxuseysYUio6Qia64JLLAwE7dh">
<div data-page-id="doxusokjWsaOkSCIjzixAfRM3sd" data-docx-has-block-data="false">
<div class="ace-line ace-line old-record-id-doxusaUYeCmu82WSkkm5KDd00db">
<div data-page-id="AEW3d0Y2noLuIcxROuFubTLpsZd" data-docx-has-block-data="false">
<div data-page-id="AEW3d0Y2noLuIcxROuFubTLpsZd" data-docx-has-block-data="false">
<div class="ace-line ace-line old-record-id-doxuseysYUio6Qia64JLLAwE7dh">
<div data-page-id="doxusokjWsaOkSCIjzixAfRM3sd" data-docx-has-block-data="false">
<div class="ace-line ace-line old-record-id-doxusaUYeCmu82WSkkm5KDd00db">
<div data-page-id="AEW3d0Y2noLuIcxROuFubTLpsZd" data-docx-has-block-data="false">
<div class="ace-line ace-line old-record-id-doxuseysYUio6Qia64JLLAwE7dh">
<div data-page-id="doxusokjWsaOkSCIjzixAfRM3sd" data-docx-has-block-data="false">
<div class="ace-line ace-line old-record-id-doxusaUYeCmu82WSkkm5KDd00db">
<div data-page-id="AEW3d0Y2noLuIcxROuFubTLpsZd" data-docx-has-block-data="false">
<div data-page-id="AEW3d0Y2noLuIcxROuFubTLpsZd" data-docx-has-block-data="false">
<div class="ace-line ace-line old-record-id-doxuseysYUio6Qia64JLLAwE7dh">
<div data-page-id="doxusokjWsaOkSCIjzixAfRM3sd" data-docx-has-block-data="false">
<div class="ace-line ace-line old-record-id-doxusaUYeCmu82WSkkm5KDd00db">
<div data-page-id="AEW3d0Y2noLuIcxROuFubTLpsZd" data-docx-has-block-data="false">
<div data-page-id="AEW3d0Y2noLuIcxROuFubTLpsZd" data-docx-has-block-data="false">
<div data-page-id="Kpucdjv7JoAcSZxSf7PuRl5Yscb" data-lark-html-role="root" data-docx-has-block-data="false">
<div class="ace-line ace-line old-record-id-Cfb8dvi9voxFkWxhNcmuJX50sZb">
<div data-page-id="PNNZdiw4Yo1ZOmx8btbucw8qsLG" data-lark-html-role="root" data-docx-has-block-data="false">
<div>OKX will be prioritising applicants who have a current right to work in Singapore, and do not require OKX's sponsorship of a visa</div>
<h2 class="heading-2 ace-line old-record-id-ARMWdtKDIowwlyxaSOuuzEqssIf"><strong>Who We Are</strong></h2>
<div data-page-id="Kpucdjv7JoAcSZxSf7PuRl5Yscb" data-lark-html-role="root" data-docx-has-block-data="false">
<div class="ace-line ace-line old-record-id-Cfb8dvi9voxFkWxhNcmuJX50sZb">At OKX, we believe that the future will be reshaped by crypto, and ultimately contribute to every individual's freedom.</div>
<div class="ace-line ace-line old-record-id-Cfb8dvi9voxFkWxhNcmuJX50sZb">OKX is a leading crypto exchange, and the developer of OKX Wallet, giving millions access to crypto trading and decentralized crypto applications (dApps). OKX is also a trusted brand by hundreds of large institutions seeking access to crypto markets. We are safe and reliable, backed by our Proof of Reserves.</div>
<div class="ace-line ace-line old-record-id-Cfb8dvi9voxFkWxhNcmuJX50sZb">Across our multiple offices globally, we are united by our core principles: <em>We Before Me</em>, <em>Do the Right Thing</em>, and <em>Get Things Done</em>. These shared values drive our culture, shape our processes, and foster a friendly, rewarding, and diverse environment for every OK-er. OKX is part of OKG, a group that brings the value of Blockchain to users around the world, through our leading products OKX, OKX Wallet, OKLink and more.</div>
</div>
</div>
</div>
<div class="ace-line ace-line old-record-id-Cfb8dvi9voxFkWxhNcmuJX50sZb">
<div data-page-id="PNNZdiw4Yo1ZOmx8btbucw8qsLG" data-lark-html-role="root" data-docx-has-block-data="false">
<h2 class="heading-2 ace-line old-record-id-PiRwdXFmiomeQDxx0RUuDGJ1sag"><strong>About the Opportunity</strong></h2>
<div class="ace-line ace-line old-record-id-NrSYd8kjeoNTrexRDNsuNpZOsMd">Our Security Engineering team is building AI-driven security infrastructure to protect OKX's LLM applications and developer pipelines at scale. This role sits at the intersection of agentic AI and security engineering — designing multi-agent systems, building detection engines, and embedding security into our development lifecycle. If you're passionate about solving real-world AI security challenges in a fast-moving environment, we'd love to hear from you.</div>
<div class="ace-line ace-line old-record-id-NQ1gdeOLNoEsm2xDroWukiwGs3g"> </div>
<h2 class="heading-2 ace-line old-record-id-HytwdMMd1o5PQtxqi9QudDSMsWV"><strong>What You’ll Be Doing</strong></h2>
<ul>
<li class="whitespace-normal break-words pl-2">Design and ship a Multi-Agent code auditing system (vulnerability detection, malicious code, sensitive data leakage) including role decomposition, tool-calling pipelines, and cross-agent state synchronization</li>
<li class="whitespace-normal break-words pl-2">Integrate RAG, Chain-of-Thought, and Reflection techniques into security audit agents; build evaluation frameworks to continuously improve detection accuracy</li>
<li class="whitespace-normal break-words pl-2">Develop CI/CD plugins for GitLab, Tekton, and Jenkins to enable automated security audit on every commit</li>
<li class="whitespace-normal break-words pl-2">Build an LLM security framework covering input, output and runtime</li>
<li class="whitespace-normal break-words pl-2">Design Human-in-the-loop and agent behavior audit systems ensuring production agents are observable, traceable, and controllable </li>
</ul>
<div class="ace-line ace-line old-record-id-Gy4ydICWpol34Hxzjdhu4zdVshg"> </div>
<h2 class="heading-2 ace-line old-record-id-ZvAmdvgIGoKyiHxjBTiu68Kcs9d"><strong>What We Look For In You </strong></h2>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<ul>
<li class="whitespace-normal break-words pl-2">3+ years of backend development in Python, Go, or Java</li>
<li class="whitespace-normal break-words pl-2">End-to-end LLM Agent production experience with depth in architecture design, hallucination handling, and tool-call fault tolerance</li>
<li class="whitespace-normal break-words pl-2">Hands-on AI security knowledge — Prompt Injection, Jailbreak, malicious agent injection, tool misuse — with production-ready defensive solutions</li>
<li class="whitespace-normal break-words pl-2">Production experience with at least one of LangChain, LlamaIndex, AutoGen, CrewAI, or LangGraph</li>
<li class="whitespace-normal break-words pl-2">Proficiency with Docker, Kubernetes, and microservice architecture</li>
</ul>
<div data-page-id="AEW3d0Y2noLuIcxROuFubTLpsZd" data-docx-has-block-data="false">
<div class="ace-line ace-line old-record-id-doxuseysYUio6Qia64JLLAwE7dh">
<div data-page-id="doxusokjWsaOkSCIjzixAfRM3sd" data-docx-has-block-data="false">
<div class="ace-line ace-line old-record-id-doxusaUYeCmu82WSkkm5KDd00db">
<div data-page-id="AEW3d0Y2noLuIcxROuFubTLpsZd" data-docx-has-block-data="false">
<div data-page-id="AEW3d0Y2noLuIcxROuFubTLpsZd" data-docx-has-block-data="false">
<div class="ace-line ace-line old-record-id-doxuseysYUio6Qia64JLLAwE7dh">
<div data-page-id="doxusokjWsaOkSCIjzixAfRM3sd" data-docx-has-block-data="false">
<div class="ace-line ace-line old-record-id-doxusaUYeCmu82WSkkm5KDd00db">
<div data-page-id="AEW3d0Y2noLuIcxROuFubTLpsZd" data-docx-has-block-data="false">
<div data-page-id="AEW3d0Y2noLuIcxROuFubTLpsZd" data-docx-has-block-data="false">
<div class="ace-line ace-line old-record-id-doxuseysYUio6Qia64JLLAwE7dh">
<div data-page-id="doxusokjWsaOkSCIjzixAfRM3sd" data-docx-has-block-data="false">
<div class="ace-line ace-line old-record-id-doxusaUYeCmu82WSkkm5KDd00db">
<div data-page-id="AEW3d0Y2noLuIcxROuFubTLpsZd" data-docx-has-block-data="false">
<div class="ace-line ace-line old-record-id-doxuseysYUio6Qia64JLLAwE7dh">
<div data-page-id="doxusokjWsaOkSCIjzixAfRM3sd" data-docx-has-block-data="false">
<div class="ace-line ace-line old-record-id-doxusaUYeCmu82WSkkm5KDd00db">
<div data-page-id="AEW3d0Y2noLuIcxROuFubTLpsZd" data-docx-has-block-data="false">
<div data-page-id="AEW3d0Y2noLuIcxROuFubTLpsZd" data-docx-has-block-data="false">
<div class="ace-line ace-line old-record-id-doxuseysYUio6Qia64JLLAwE7dh">
<div data-page-id="doxusokjWsaOkSCIjzixAfRM3sd" data-docx-has-block-data="false">
<div class="ace-line ace-line old-record-id-doxusaUYeCmu82WSkkm5KDd00db">
<div data-page-id="AEW3d0Y2noLuIcxROuFubTLpsZd" data-docx-has-block-data="false">
<div data-page-id="AEW3d0Y2noLuIcxROuFubTLpsZd" data-docx-has-block-data="false">
<div data-page-id="Kpucdjv7JoAcSZxSf7PuRl5Yscb" data-lark-html-role="root" data-docx-has-block-data="false">
<div class="ace-line ace-line old-record-id-Cfb8dvi9voxFkWxhNcmuJX50sZb">
<div data-page-id="PNNZdiw4Yo1ZOmx8btbucw8qsLG" data-lark-html-role="root" data-docx-has-block-data="false">
<div class="ace-line ace-line old-record-id-UhJ9dmqAXoYf0Rxmj2MuiHGesRc"> </div>
<h2 class="heading-2 ace-line old-record-id-DiLSdqfwUoKOraxakB6uGEomsXl"><strong>Nice to Haves</strong></h2>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<ul class="list-bullet1">
<li class="whitespace-normal break-words pl-2">SAST/SCA or code auditing tool experience </li>
<li class="whitespace-normal break-words pl-2">LLM fine-tuning or local model deployment; security-domain fine-tuning is a strong plus</li>
<li class="whitespace-normal break-words pl-2">Open source agent projects on GitHub or merged PRs to mainstream LLM frameworks</li>
<li class="whitespace-normal break-words pl-2">CTF awards or CVE/CNVD submission records</li>
</ul>
<div data-page-id="AEW3d0Y2noLuIcxROuFubTLpsZd" data-docx-has-block-data="false">
<div class="ace-line ace-line old-record-id-doxuseysYUio6Qia64JLLAwE7dh">
<div data-page-id="doxusokjWsaOkSCIjzixAfRM3sd" data-docx-has-block-data="false">
<div class="ace-line ace-line old-record-id-doxusaUYeCmu82WSkkm5KDd00db">
<div data-page-id="AEW3d0Y2noLuIcxROuFubTLpsZd" data-docx-has-block-data="false">
<div data-page-id="AEW3d0Y2noLuIcxROuFubTLpsZd" data-docx-has-block-data="false">
<div class="ace-line ace-line old-record-id-doxuseysYUio6Qia64JLLAwE7dh">
<div data-page-id="doxusokjWsaOkSCIjzixAfRM3sd" data-docx-has-block-data="false">
<div class="ace-line ace-line old-record-id-doxusaUYeCmu82WSkkm5KDd00db">
<div data-page-id="AEW3d0Y2noLuIcxROuFubTLpsZd" data-docx-has-block-data="false">
<div data-page-id="AEW3d0Y2noLuIcxROuFubTLpsZd" data-docx-has-block-data="false">
<div class="ace-line ace-line old-record-id-doxuseysYUio6Qia64JLLAwE7dh">
<div data-page-id="doxusokjWsaOkSCIjzixAfRM3sd" data-docx-has-block-data="false">
<div class="ace-line ace-line old-record-id-doxusaUYeCmu82WSkkm5KDd00db">
<div data-page-id="AEW3d0Y2noLuIcxROuFubTLpsZd" data-docx-has-block-data="false">
<div class="ace-line ace-line old-record-id-doxuseysYUio6Qia64JLLAwE7dh">
<div data-page-id="doxusokjWsaOkSCIjzixAfRM3sd" data-docx-has-block-data="false">
<div class="ace-line ace-line old-record-id-doxusaUYeCmu82WSkkm5KDd00db">
<div data-page-id="AEW3d0Y2noLuIcxROuFubTLpsZd" data-docx-has-block-data="false">
<div data-page-id="AEW3d0Y2noLuIcxROuFubTLpsZd" data-docx-has-block-data="false">
<div class="ace-line ace-line old-record-id-doxuseysYUio6Qia64JLLAwE7dh">
<div data-page-id="doxusokjWsaOkSCIjzixAfRM3sd" data-docx-has-block-data="false">
<div class="ace-line ace-line old-record-id-doxusaUYeCmu82WSkkm5KDd00db">
<div data-page-id="AEW3d0Y2noLuIcxROuFubTLpsZd" data-docx-has-block-data="false">
<div data-page-id="AEW3d0Y2noLuIcxROuFubTLpsZd" data-docx-has-block-data="false">
<div data-page-id="Kpucdjv7JoAcSZxSf7PuRl5Yscb" data-lark-html-role="root" data-docx-has-block-data="false">
<div class="ace-line ace-line old-record-id-Cfb8dvi9voxFkWxhNcmuJX50sZb">
<div data-page-id="PNNZdiw4Yo1ZOmx8btbucw8qsLG" data-lark-html-role="root" data-docx-has-block-data="false">
<h2 class="heading-2 ace-line old-record-id-CmqsdZ2GTo6Z9VxuHx4ugzRRsm3"><strong>Perks &<span style="font-size: 18pt;"> Benefits </span></strong></h2>
<ul class="list-bullet1">
<li class="ace-line ace-line old-record-id-XvQudJ7z0ouSnuxOibouMkKzsCc" data-list="bullet">
<div>Competitive total compensation package</div>
</li>
<li class="ace-line ace-line old-record-id-GAzBdJXxLo291PxrthXurPeds4g" data-list="bullet">
<div>L&D programs and Education subsidy for employees' growth and development</div>
</li>
<li class="ace-line ace-line old-record-id-CKPxdgHeoosenzxCpV2uV32ysz0" data-list="bullet">
<div>Various team building programs and company events</div>
</li>
<li class="ace-line ace-line old-record-id-XjPSdIa92oGeLox9Qo9uejVEs4c" data-list="bullet">
<div>Wellness and meal allowances </div>
</li>
<li class="ace-line ace-line old-record-id-CS34dAJCDoMDHxx95pZu43yjsxB" data-list="bullet">
<div>Comprehensive healthcare schemes for employees and dependants</div>
</li>
<li class="ace-line ace-line old-record-id-Uqtsd4bN8oaHt7xyPlYuxmfcsob" data-list="bullet">
<div>More that we love to tell you along the process!</div>
</li>
</ul>
<div class="ace-line ace-line old-record-id-JGIsdeznCo2qpfxJAqkuViMfsHS"> </div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div><div class="content-conclusion"><div data-lark-html-role="root"><span class="text-only" data-eleid="18"><span class="text-only"><span class="text-only" data-eleid="6">Notice:<br></span></span></span>
<div data-lark-html-role="root"><span class="text-only" data-eleid="26"><span class="text-only">All official </span><span class="text-only text-with-abbreviation text-with-abbreviation-bottomline">OKX</span><span class="text-only"> vacancies are published on this website.</span></span> <span class="text-only" data-eleid="28"><span class="text-only">While roles may appear on selected third-party platforms from time to time, information on other sites may be inaccurate or outdated. </span></span><strong><span class="text-only" data-eleid="29"><span class="text-only">If in doubt, please apply directly through our official careers website.</span></span></strong></div>
</div>
<div data-lark-html-role="root"><span class="text-only" data-eleid="18"><span class="text-only">Information collected and processed as part of the recruitment process of any job application you choose to submit is subject to </span><span class="text-only text-with-abbreviation text-with-abbreviation-bottomline">OKX</span><span class="text-only">'s </span></span><a class="link rich-text-anchor __anchor-intercept-flag__ text-content-link" href="https://www.okx.com/en-eu/help/okx-candidate-privacy-notice" target="_blank" data-eleid="19" data-lark-is-custom="true" data-lark-link="true">Candidate Privacy Notice</a><span class="text-only" data-eleid="20"><span class="text-only">.</span></span></div></div>
Related Roles
Software Engineer Mobile (iOS)
OKX
San Jose, California, United States; United States (US)Software Engineer Mobile (Android)
OKX
San Jose, California, United States; United States (US)Business Engineer, Trading
OKX
San Jose, California, United States; United States (US)Business Engineer
OKX
Singapore, SingaporeAI Agent Security Research Engineer
OKX
APAC; Hong Kong, Hong Kong SAR; Singapore, SingaporeStaff/Senior Staff Frontend Engineer - Growth
OKX
Singapore, Singapore