JOB DETAILS

Senior Engineer, Vulnerability Scanner

CompanyOKX
LocationHong Kong Island
Work ModeOn Site
PostedApril 26, 2026
About The Company
At OKX, we believe that the future will be reshaped by Crypto, ultimately contributing to every individual's freedom. OKX began as a crypto exchange giving millions of people access to crypto trading and over time becoming among the largest platforms in the world. In recent years, we have developed one of the most connected Web3 wallets used by millions to access decentralized crypto applications (dApps). OKX is a trusted brand by hundreds of large institutions seeking access to crypto markets on a reliable platform that seamlessly connects with global banking and payments. In the last year, OKX has expanded into new markets including Australia, Brazil, Netherlands, Singapore and Turkey, with plans to launch in the US, Belgium and the UAE. We are deeply committed to shaping a fairer, more transparent and accessible society through blockchain technology. This is why we publish proof of reserves monthly, and continue to ship new innovative security features. We believe in good sportmanship and the pursuit to be better. You may see our OKX logo neatly fitted on the McLaren F1 cars, Manchester City FC team shirts, or at the Tribeca Film Festival celebrating artists and creators. Wherever you may find us, you will notice our pursuit of making our world more efficient, transparent, and connected. To learn more about OKX, download our app or visit: www.okx.com UK users follow: https://www.linkedin.com/company/okxuk/ Learn more about working at OKG, the business group developing OKX, our Digital Assets Exchange, our Web3 portal and blockchain ecosystems: bit.ly/WorkingatOKG
About the Role
OKX will be prioritising applicants who have a current right to work in Singapore, and do not require OKX's sponsorship of a visa

Who We Are

At OKX, we believe that the future will be reshaped by crypto, and ultimately contribute to every individual's freedom.
OKX is a leading crypto exchange, and the developer of OKX Wallet, giving millions access to crypto trading and decentralized crypto applications (dApps). OKX is also a trusted brand by hundreds of large institutions seeking access to crypto markets. We are safe and reliable, backed by our Proof of Reserves.
Across our multiple offices globally, we are united by our core principles: We Before Me, Do the Right Thing, and Get Things Done. These shared values drive our culture, shape our processes, and foster a friendly, rewarding, and diverse environment for every OK-er. OKX is part of OKG, a group that brings the value of Blockchain to users around the world, through our leading products OKX, OKX Wallet, OKLink and more.

About the Opportunity

Our Security Engineering team is building AI-driven security infrastructure to protect OKX's LLM applications and developer pipelines at scale. This role sits at the intersection of agentic AI and security engineering — designing multi-agent systems, building detection engines, and embedding security into our development lifecycle. If you're passionate about solving real-world AI security challenges in a fast-moving environment, we'd love to hear from you.
 

What You’ll Be Doing

  • Design and ship a Multi-Agent code auditing system (vulnerability detection, malicious code, sensitive data leakage) including role decomposition, tool-calling pipelines, and cross-agent state synchronization
  • Integrate RAG, Chain-of-Thought, and Reflection techniques into security audit agents; build evaluation frameworks to continuously improve detection accuracy
  • Develop CI/CD plugins for GitLab, Tekton, and Jenkins to enable automated security audit on every commit
  • Build an LLM security framework covering input, output and runtime
  • Design Human-in-the-loop and agent behavior audit systems ensuring production agents are observable, traceable, and controllable 
 

What We Look For In You

  • 3+ years of backend development in Python, Go, or Java
  • End-to-end LLM Agent production experience with depth in architecture design, hallucination handling, and tool-call fault tolerance
  • Hands-on AI security knowledge — Prompt Injection, Jailbreak, malicious agent injection, tool misuse — with production-ready defensive solutions
  • Production experience with at least one of LangChain, LlamaIndex, AutoGen, CrewAI, or LangGraph
  • Proficiency with Docker, Kubernetes, and microservice architecture
 

Nice to Haves

  • SAST/SCA or code auditing tool experience 
  • LLM fine-tuning or local model deployment; security-domain fine-tuning is a strong plus
  • Open source agent projects on GitHub or merged PRs to mainstream LLM frameworks
  • CTF awards or CVE/CNVD submission records

Perks & Benefits

  • Competitive total compensation package
  • L&D programs and Education subsidy for employees' growth and development
  • Various team building programs and company events
  • Wellness and meal allowances 
  • Comprehensive healthcare schemes for employees and dependants
  • More that we love to tell you along the process!
 
Notice:
All official OKX vacancies are published on this website. While roles may appear on selected third-party platforms from time to time, information on other sites may be inaccurate or outdated. If in doubt, please apply directly through our official careers website.
Information collected and processed as part of the recruitment process of any job application you choose to submit is subject to OKX's Candidate Privacy Notice.
Key Skills
PythonGoJavaLLMAgentic AISecurity engineeringDockerKubernetesMicroservicesLangChainLlamaIndexAutoGenCrewAILangGraphCI/CDVulnerability detection
Categories
TechnologySecurity & SafetySoftwareEngineeringData & Analytics
Benefits
Competitive total compensation packageLearning and development programsEducation subsidyTeam building programsCompany eventsWellness allowanceMeal allowanceComprehensive healthcare schemes
Job Information
📋Core Responsibilities
Design and implement multi-agent systems for code auditing, vulnerability detection, and malicious code identification. Develop CI/CD plugins and security frameworks to ensure the observability and traceability of production AI agents.
📋Job Type
full time
📊Experience Level
2-5
💼Company Size
7132
📊Visa Sponsorship
No
💼Language
English
🏢Working Hours
40 hours
Apply Now →

You'll be redirected to
the company's application page