Security Compliance Director, Technology Governance and Compliance

Singapore
Full time
Office
Compensation is not specified
Role
CTO
Description

Who We Are

At OKX, we anticipate a future shaped by technology. Established in 2017, we are transforming global systems through our state-of-the-art digital asset exchange, Web3 portal, and blockchain ecosystems. We enhance the financial landscape by providing a wide array of innovative products, solutions, and trading tools. Trusted by over 50 million users across 180 countries, OKX enables individuals to navigate the realm of Web3. With a diverse product range and a strong commitment to innovation, OKX envisions a financial world supported by blockchain technology and decentralized finance. We are known for our innovative approach to work, products, and social responsibility, actively engaging in various public welfare activities. With a global team of more than 3,000 employees, we believe that embracing diversity and inclusion leads to long-term industry value creation. Join us in Building the Future today!

About the Team

The Technology Governance team offers security guidance to OKX entities worldwide, collaborating with various teams to facilitate business growth. This team closely works with compliance and legal departments to interpret global requirements related to licensing or regional mandates.

About the Opportunity

Stay informed about the latest developments in laws, regulations, and information security standards concerning Network Security, Data Security, and Data Protection. Ensure the internal information security management system is regularly updated and maintained. Facilitate applications for information security certifications like ISO 27001, SOC, and PCI for our products. Advocate for security compliance and privacy protection requirements, promptly addressing any non-compliance issues. Verify that the organization's security controls meet industry standards by conducting thorough assessments of processes, systems, policies, network configurations, and procedures. Collaborate with cross-functional teams to monitor business activities and ensure adherence to external certifications.

Candidates with varying levels of experience will be considered for roles as senior engineers or engineers, based on their skills and potential.

What You'll Be Doing

  • Lead operational audit programs and complex technology control assessments, including Information Security, Infrastructure, and Emerging Technologies.

  • Conduct integrated audits supporting various business functions and productions.

  • Assist in analyzing and identifying emerging technology risks for OKX.

  • Build and maintain subject matter expertise in technology domains.

  • Develop collaborative relationships with stakeholders to provide value-added services and advisory support.

  • Engage with engineering and product teams to offer insights on technology implementations.

  • Continually expand knowledge in the audit profession, industry trends, and company products.

  • Ensure quality and consistency in audit work by adhering to department and professional standards. Seek opportunities for audit process enhancement.

What We Look For In You

  • Minimum of 3 years' experience managing ISO 27001:2022, SOC 2 audits, and compliance programs in a global organizational context.

  • Proficiency in cybersecurity frameworks like ISO 27001, PCI-DSS, SOC 2, and other regulatory requirements.

  • Strong communication and analytical skills, commitment to continuous learning, and a collaborative mindset.

  • Experience in Technology Audit, Risk Management, Cybersecurity Compliance, or Engineering, preferably in the technology sector.

  • Relevant certifications such as CISSP, GIAC, CCNA, CISA, or CIA.

  • Track record in managing audit portfolios and integrating audits for financial/operational and technology objectives.

  • Interest in emerging technologies, critical thinking, and strong problem-solving skills.

  • Ability to thrive in a fast-paced, product-oriented environment, with exposure to startup or tech companies being beneficial.

  • Proficient in assessing complex technology environments against industry best practices and regulatory requirements.

  • Effective written communication to convey findings and recommendations to senior management.

  • Experience working in a global organization and managing projects across different time zones.

Nice to Haves

  • Expertise in ISO management systems, SOC audits, and PCI certification.

  • Understanding of data protection regulations like the Personal Data Protection Act and Technology Risk Management Guidelines.

  • Possession of industry certifications like CISM, CISA, CISSP.

  • Experience in compliance for virtual currency trading platforms, especially in obtaining licenses across various regions.

Perks & Benefits

  • Competitive total compensation package.

  • Learning & Development programs and Education subsidy.

  • Team-building activities and company events.

  • Wellness and meal allowances.

  • Comprehensive healthcare schemes for employees and dependents.

  • Exciting perks to be revealed during the process!

Skills Required
Avatar
OKX
Company size
Not specified
Location
United States
Description
Not specified

More Full-time Jobs

Show more

Game Studio Hiring: Full-Stack, Mobile & 3D Web Developers

Part time
Remote
About Us
We are an established game studio developing HeroWarrior, a Unity-based web battle game that has been in active development for three years. Our project is supported by GameWorld (Netherlands) and we're currently preparing for version 2.0 with an expanded development team.
Following strategic restructuring in 2022, we're now building a distributed team across Europe and seeking talented developers to join our long-term project.
Open Positions
We are actively recruiting for the following roles:
UI/UX Designer
Specialization in gaming interface design
Experience with Unity UI systems preferred
 
Full-Stack Developers
 
Backend and frontend development for web platform
Experience with game-related web services preferred
 
Mobile Developers
 
Native mobile app development
Cross-platform experience valued
 
Unity Developers
 
Gameplay mechanics implementation
3+ years Unity experience required
 
3D Web Developers
 
WebGL and Three.js expertise
Browser-based 3D rendering experience
 
hat We Offer
Project Commitment: We're seeking long-term partnerships, not short-term contractors. This is an opportunity to grow with an established project backed by industry partners.
Compensation Structure:
Flexible payment options: hourly rates, monthly retainers, or milestone-based compensation
Rates negotiable based on experience and role
Initial evaluation period followed by standard employment terms
 
Work Environment:
Remote-friendly distributed team
Collaborative development process
Opportunity to work on a commercially-backed game project
Application Requirements
 
Please submit the following:
Portfolio/Resume - Detailed work history and relevant projects
Rate Expectations - Your preferred compensation structure and rates
Code Samples - GitHub repository, portfolio links, or previous work examples
Availability - Expected start date and commitment level
Evaluation Process Acknowledgment - Confirmation of willingness to complete a brief technical assessment
 
Ideal Candidates
Demonstrated passion for game development
Strong technical skills in relevant technologies
Experience working on long-term projects
Collaborative mindset and professional communication
Interest in building innovative gaming experiences
 
Next Steps
We are moving quickly to fill these positions. Qualified candidates will be contacted within one week for initial discussions and technical evaluation.
To apply, please send your complete application materials to vlad@gameworldcompany.com
 
Payment in Crypto
14,400-17,000
Monthly
See details

Web3 Growth Hacker (Enforcer of Expansion)

Full time
Hybrid
Description
About Target Mafia
Target Mafia is a syndicate of elite media buyers, data scientists, and creative capos dominating gambling, crypto, nutra, and adult niches. We operate on pure performance: if our partners win, we win.
We are expanding our crypto empire and need a Web3 Growth Hacker, our Enforcer of Expansion, to scale projects, grow communities, and execute high-ROI campaigns across Web3 ecosystems.
Working at Target Mafia
This is a fast-paced, results-driven role where strategy meets execution. You’ll identify growth opportunities, implement viral campaigns, and optimize channels to maximize performance. Your work will directly impact revenue and user acquisition across multiple projects.
Role
As a Web3 Growth Hacker, you will drive user acquisition, scale communities, and execute growth strategies that expand Target Mafia’s influence in the crypto space. You’ll combine creative tactics, data analysis, and guerrilla marketing to deliver measurable results.
Responsibilities
Plan and execute growth campaigns across Telegram, Discord, Twitter, and other Web3 channels.
Build partnerships and collaborations with crypto communities and influencers.
Track, analyze, and optimize campaigns for maximum ROI.
Identify viral trends and implement them to boost engagement and user acquisition.
Work closely with media buyer dons and creative capos to align growth efforts with marketing strategies.
Skills Required
Growth Hacking & Performance Marketing
Social Media Strategy & Community Building
Crypto & Web3 Knowledge
Influencer & Partnership Management
Data Analysis & Campaign Optimization
Guerrilla Marketing & Viral Campaign Execution
Creativity & Fast Problem Solving
Reasons to Join Our Team
Lead high-impact campaigns in trending Web3 and crypto markets
Work with an elite, performance-driven mafia of media buyers
Performance-based compensation in stablecoins, with bonuses for growth wins
Hands-on experience scaling high-stakes projects
Flexible, dynamic, and rewarding environment for top-tier talent

Assistant in Financial Technology and Trading Strategies (with Training)

Berlin, Germany
Berlin, Germany
Part time
Remote
Description
We are offering an opportunity to join our team and learn about cross-market trading strategies, focusing on identifying price differences of assets across multiple platforms. This role provides hands-on experience in financial technology, data analysis, and trading support.
As part of this position, you will:
Gain practical knowledge of market analysis and trading workflows
Learn how to recognize and evaluate opportunities across different platforms
Develop your skills in risk management and decision-making
Work with a mentor who will guide you step by step through the learning process
What we provide:
Comprehensive training program designed for beginners
Ongoing mentorship and professional support
Flexible schedule (approx. 1 hour a day required for study and practice)
Remote work setup with the possibility to grow into a larger role over time
This is a part-time, entry-level opportunity suitable for candidates with little or no prior experience. What matters most is your willingness to learn and apply new knowledge in practice.
Compensation: Competitive monthly pay structure with opportunities for progression as skills develop
5,000-20,000
Monthly
See details

Founding Head of Engineering

San Francisco, USA
San Francisco, USA
Full time
Remote
About The Project:The project is a venture-backed stealth mode project having raised $2 million and building a Social Intelligence Engine designed to power smarter, faster crypto trading. We're combining advanced data infrastructure and real-time intelligence to unlock new trading possibilities. About the Role:We're looking for a tech-savvy, investor-facing leader with an engineering background to represent us on the frontlines. This is not a research role it's about amplifying our voice, building relationships, and being the bridge between our technology and the world. Key Responsibilities:1)Represent us externally at hackathons, pitch events, conferences, and investor meetings.2)Be our lead evangelist clearly explaining our tech vision to both technical and non-technical audiences.3)Drive fundraising efforts with compelling presentations, clear strategy narratives, and investor Q&A.4)Partner closely with engineering/product to demo the platform, shape the roadmap, and turn market feedback into action. Requirements:1)Strong engineering background (AI, blockchain, data infrastructure, or similar).2)Proven experience in investor-facing roles, including fundraising and pitching.3)Excellent presentation and communication skills, with a track record of representing projects publicly.4)Experience participating in or leading hackathons, demos, and tech events.5)Understanding of consumer behavior data in gaming and apps is a plus.6)Familiarity with Web3, crypto, and developer communities. Compensation:Competitive salary + equity + team token + and performance-based incentives.
Payment in Crypto
6,667-12,500
Monthly
See details

DLP & Incident Response Engineer

Asia +1
Asia +1
Full time
Remote
Binance, a prominent global blockchain ecosystem known for its role as the world's largest cryptocurrency exchange, is seeking a security engineer proficient in Data Loss Prevention (DLP) and incident response, particularly in fintech, crypto, or high-security sectors. This role involves creating and implementing custom solutions, utilizing automation, and staying ahead of emerging threats like those stemming from recent AI advancements.

Roles and Responsibilities

Design, implement, and optimize DLP solutions spanning network, endpoint, and cloud environments.

Develop and enhance data classification systems for sensitive assets such as wallets, trading algorithms, and customer PII.

Create effective DLP policies to prevent data breaches while minimizing false positives.

Monitor, analyze, and improve alerts and incident responses continually.

Lead investigations into DLP incidents and insider threats.

Engage in threat hunting and forensic analysis of data exfiltration attempts.

Incorporate DLP monitoring into broader SOC workflows and incident response strategies.

Develop custom DLP tools and integrations like macOS Swift endpoint protection and Unix socket monitoring.

Craft automation scripts, APIs, regexes, and integrations to bolster detection and response capabilities.

Research AI-based methods for anomaly detection and response efficiency.

Ensure compliance with crypto and financial regulations like AML, KYC, GDPR, and CCPA.

Support audits and regulatory evaluations relating to data security.

Evaluate and address data loss risks throughout trading platforms, onboarding systems, and blockchain infrastructure.

Requirements

Minimum of 4 years in a SOC or security operations role focusing on incident response.

Demonstrated expertise in DLP design, implementation, and monitoring.

Proficient in programming languages like macOS Swift, Unix socket programming, and scripting.

Hands-on experience in threat hunting, forensic analysis, and APT detection.

Familiarity with SIEM, EDR, and cloud security infrastructures.

Understanding of encryption, tokenization, and data classification methodologies.

Nice-to-Have

Over 4 years in a SOC or security operations role centered on incident response.

Established background in DLP design, deployment, and monitoring.

Strong programming skills in macOS Swift, Unix socket programming, and scripting.

Practical experience in threat hunting, forensic analysis, and APT detection.

Knowledge of SIEM, EDR, and cloud security architectures.

Familiarity with encryption, tokenization, and data classification techniques.

Binance offers a dynamic environment where you can shape the future alongside top-tier talent in a flat organizational structure. Benefit from autonomy, tackle stimulating projects, and experience a results-driven culture allowing for career growth and continuous learning. Competitive compensation and a work-from-home option add to the inclusive ethos of Binance as an equal opportunity employer.