Head of Regional Security

Who We AreAt OKX, we believe that the future will be reshaped by crypto, and ultimately contribute to every individual's freedom. OKX is a leading crypto exchange, and the developer of OKX Wallet, giving millions access to crypto trading and decentralized crypto applications (dApps). OKX is also a trusted brand by hundreds of large institutions seeking access to crypto markets. We are safe and reliable, backed by our Proof of Reserves. Across our multiple offices globally, we are united by our core principles: We Before Me, Do the Right Thing, and Get Things Done. These shared values drive our culture, shape our processes, and foster a friendly, rewarding, and diverse environment for every OK-er.About the OpportunityStay abreast of security technologies, global compliance standards, and regulatory requirements. Lead the organization's security technology implementation, compliance programs, and licensing initiatives across key jurisdictions. Direct the security architecture design, compliance certification processes, and license applications.What You’ll Be DoingSecurity Technology: Lead security architecture design and implementation. Guide deployment of security controls, monitoring systems, and incident response capabilities. Review and approve security solutions across cloud and infrastructure.License Applications: Direct VASP licensing applications across global jurisdictions (Hong Kong, Singapore, Dubai, Europe etc.). Manage relationships with regulatory bodies. Ensure ongoing compliance with licensing requirements. Coordinate with legal and business teams for application processes.Team Leadership: Build and lead security and compliance teams. Work with cross-functional stakeholders to implement security and compliance requirements. Report to senior management on security, compliance and licensing status.Security Strategy & Governance:Develop and maintain enterprise security strategy, roadmaps and architectures aligned with business objectives. Establish security governance frameworks, policies, and standards across the organization. Lead security steering committee and provide regular security updates to board/executive management. Manage security budget, resource allocation and strategic vendor relationships. Define and track security metrics, KPIs and risk indicatorsWhat We Look For In YouMultiple language capabilities, both chinese and english10+ years experience in information security and compliance, with strong technical backgroundDeep understanding of security technologies: network security, cloud security, encryption, access controls, security monitoringExtensive hands-on experience with security compliance frameworks (ISO 27001, SOC2, PCI-DSS)Experience in cryptocurrency/blockchain industry licensing applicationsStrong communication and leadership abilitiesResults-oriented with ability to work under pressureProfessional certifications such as CISSP, CISM requiredBachelor's degree in Computer Science, Information Security or related fieldDeep expertise in:Application security (SAST/DAST/IAST)Container and kubernetes securityHardware security modules (HSM)Secure software development lifecycle (SSDLC)Identity and access management (IAM)API security and microservices securityDDoS protection and WAF implementationSecurity automation and orchestration (SOAR)Threat hunting and incident responseBlockchain protocol securityNice to HavesCompliance Management: Lead and maintain security certifications including ISO 27001, SOC2, PCI-DSS. Develop security policies and ensure implementation meets global standards. Oversee internal security management system and controls.Advanced degree in relevant fieldExperience in cryptocurrency trading platformsDirect experience obtaining VASP licenses in major jurisdictionsUnderstanding of global financial regulations and licensing requirementsAdditional security or professional certificationsExperience working with regulatory bodiesHomomorphic encryption and zero-knowledge proofsAdvanced malware analysis and reverse engineeringSecurity architecture patterns for distributed systemsCloud native security (ALIBABA CLOUD, AWS, Azure, GCP)Security metrics and KPI developmentVendor security assessment frameworksPerks & Benefits Competitive total compensation packageL&D programs and Education subsidy for employees' growth and developmentVarious team building programs and company eventsWellness and meal allowancesComprehensive healthcare schemes for employees and dependantsMore that we love to tell you along the process!OKX StatementThe base salary range for this position is $330,000 to $616,000. The salary offered depends on a variety of factors, including job-related knowledge, skills, experience, and market location. In addition to the salary, a performance bonus and long-term incentives may be provided as part of the compensation package, as well as a full range of medical, financial, and/or other benefits, dependent on the position offered. Applicants should apply via OKX internal or external careers site.OKX is committed to equal employment opportunities regardless of race, color, genetic information, creed, religion, sex, sexual orientation, gender identity, lawful alien status, national origin, age, marital status, and non-job related physical or mental disability, or protected veteran status. Pursuant to the San Francisco Fair Chance Ordinance, we will consider employment-qualified applicants with arrest and conviction records.#LI-HYBRID#LI-ED1