AppSec Jobs
← Back to all jobs

OKX

Senior Engineer, AI Agent Security Research

Chiasson Office, New Brunswick, CanadaWebsite

Full details on LinkedIn

The complete job description, requirements, and application details are available on the original posting.

About OKX

OKX is a prominent blockchain technology company and cryptocurrency exchange, originally founded as OKEx in 2013 by Star Xu. Rebranded in 2017, it operates as the world's second-largest crypto exchange by daily trading volume, serving over 20 million users across more than 100 countries. Headquartered in San Jose, California, with operations in Seychelles and offices in various global locations, OKX connects traditional finance with blockchain technology. The company offers a wide range of crypto trading and financial services, catering to beginners, advanced traders, and institutions. Users can engage in spot trading of over 350 cryptocurrencies, margin trading with leverage, and access advanced derivatives. OKX also provides a decentralized wallet for DeFi services, educational resources, and institutional tools. With a strong focus on security and regulatory compliance, OKX has earned recognition as one of the most trustworthy crypto exchanges and continues to expand its global presence.

Industry

information technology & services

Employees

5,000

755 engineers

Revenue

$50M

Website

Visit →

Security at OKX

Compiled from public job postings, careers pages, and company materials. Data may not reflect current state — verify during interviews.

3 Intel Signals

Security Philosophy

  • OKX's AppSec philosophy emphasizes AI/ML-based detection, external audits, and 24/7 proactive defenses.
  • They partner with independent, leading security firms for external audits and operate an explicit bug-bounty program.
  • Their approach to smart contract and application security is enforced through a structured framework, and they proactively address regulations.

Security Team

  • Michael Casper has been identified as the Americas CISO at OKX.
  • Public, verbatim evidence describing the AppSec organizational structure (centralized vs. embedded), reporting lines (e.g., reports to CISO/CTO), or explicit AppSec team size is not available.
  • Active AppSec job posting counts and comprehensive LinkedIn AppSec headcount estimates were also not found in public sources during the research.

Key Initiatives

  • OKX implements a multi-layered wallet architecture that combines cold storage, whitelisted cold-to-hot transfers, and multi-signature approvals, requiring "Offline Sign-Offs"from multiple trusted team members.
  • They also utilize systems like TARDIS and SkyNet for AI/ML-driven fraud and on-chain scam detection.
  • An explicit bug-bounty program is in place.
  • However, no public, verbatim evidence was found describing a Security Champions program, shift-left developer IDE/pre-commit tooling, or vulnerability triage SLAs/MTTR (ticketing and remediation SLAs).

Preparing for an AppSec interview?

Get the weekly briefing 2,000+ security pros trust.