Mobile Engineer, Security

Summary:

OKX, established in 2017 as a leading cryptocurrency exchange, is dedicated to reshaping the financial landscape through innovative blockchain technology. With a global user base exceeding 20 million individuals across 180 regions, OKX offers diverse product offerings and robust trading tools to make crypto accessible to all.

Job Overview:

As a Mobile Software Engineer at OKX, you will play a critical role in developing and enhancing the core OKX mobile application utilized by millions of users daily. Collaborating with design, product, and engineering teams, you will identify customer needs and introduce high-quality features through agile development cycles. This role provides a unique opportunity to delve into crypto mobile application frameworks encompassing pro/retail trading, asset management, and digital wallets.

Primary Responsibilities:

• Conduct comprehensive security analysis on OKX mobile applications, identifying vulnerabilities, and bolstering app defense mechanisms.
• Design and implement mobile app security solutions like app shielding, DEX reinforcement, anti-reversing techniques, and data encryption mechanisms.
• Stay abreast of the latest mobile security trends and technologies to fortify the security posture of both Android and iOS platforms.
• Develop app security scanning tools and metrics platforms to ensure compliance with privacy regulations and enhance vulnerability detection capabilities.
• Collaborate cross-functionally to mitigate risks and provide technical support to various business units.
• Address and resolve reported security issues promptly to maintain a secure app environment.

Requirements:

• Hold a Bachelor's or Master's degree in Computer Science or related fields.
• Possess over 5 years of experience in mobile security with robust coding skills in languages like Java, Kotlin, C/C++, Objective-C, Swift, Python, among others.
• Proficiency in reverse engineering techniques on Android and iOS platforms to counteract common obfuscation, anti-debugging methods, and jailbreak detection.
• Demonstrated expertise in developing Proof of Concepts (PoC) in Android or iOS environments to support reverse engineering efforts.
• Familiarity with hook frameworks such as Xposed and Frida for security enhancement.
• Excellent communication, teamwork, execution, problem-solving, and analytical skills.

Desired Qualifications:

• Prior involvement in creating mobile security SDKs for a user base exceeding ten million.
• Experience with large-scale business risk management projects or threat intelligence initiatives.
• Direct experience in reverse engineering leading apps or related projects showcasing reverse engineering proficiency.
• Proficiency in ARM assembly language for in-depth countermeasures at native and application layers.
• Familiarity with device fingerprint recognition and capability to simulate new devices by methodologies like flashing and application cloning.

Perks & Benefits:

• Competitive compensation package.
• Learning and development programs along with education subsidies.
• Team-building activities and company events.
• Additional benefits discussed during the selection process.