Data Security Audit Senior Manager

About the Opportunity

OKX is undertaking a significant global team buildout, and we are looking for an experienced Manager or Senior Manager to join our Digital Trust & Controls Assurance team. This is a unique opportunity for a subject matter expert in Data Security to execute critical assurance projects that directly impact the protection of sensitive company and customer data at a leading crypto organization.

As a senior individual contributor, you will focus on deep technical assessments of the controls that secure our most valuable information assets and the company’s strategy, guidelines, and risk management practices.

Serve as the subject matter expert for auditing the technical controls that protect sensitive data and the enterprise‑wide strategy, guidelines, and risk‑management frameworks for both internal and third‑party AI tools. Leverage your deep expertise to lead our data security assurance program while contributing to a wide range of audits across other Digital Trust domains. Contribute to the annual risk‑based audit plan by identifying emerging data security and related risks and scoping potential audit projects.

Collaborate effectively with engineering, security, technology, and business stakeholders to communicate audit findings, provide value‑add recommendations, and monitor remediation plans. Develop and maintain expert knowledge of the evolving crypto threat landscape, data security best practices, and the regulatory landscape to ensure audit approaches remain current and effective.

We’re looking for a hands‑on, deeply technical practitioner/auditor who is a recognized subject matter expert in Data Security. You have demonstrable experience assessing controls in complex, high‑technology environments—ideally within crypto or Fin Tech. You thrive on applying your deep specialty while also contributing your broad skills across a range of digital trust domains.

• Implementing and/or auditing the strategy, policies, standards, and controls that secure sensitive data
• Data security controls in data warehouses and cloud‑native environments (AWS and Alicloud preferred)
• Data security architecture and design; secure disposal
• Encryption standards and protocols; cryptographic key management
• Data Loss Prevention (DLP) across endpoints, networks, and cloud
• Incident Response and Data Forensics
• Threat modelling and User Behavior Analytics
• Data Access Governance (DAG) tools
• Authentication and Authorization frameworks (OAuth 2.0, OpenID Connect, SAML, JWT, RBAC, ABAC)
• Work in a Dev Ops/Dev Sec Ops  environment and integrate security into CI/CD pipelines

• AI Governance:
  Prior experience and familiarity with strategies, guidelines, and risk management frameworks that govern AI with respect to in‑house‑developed and third‑party tools would be a plus (e.g., ethics, bias detection/mitigation, modeling)
• Crypto & Blockchain Acumen:
  Prior experience with a crypto exchange or crypto product is highly preferred. You must have a fundamental understanding of blockchain technology, including distributed ledgers, consensus mechanisms, and cryptography
• Critical Thinking for Complex Environments: A proven capacity to analyze novel technical and control environments unique to crypto, identify intricate root causes, and propose effective, context‑specific solutions
• Broad Expertise Across Digital Trust Domains:
  Demonstrable experience auditing the design and effectiveness of controls in the following areas:
  Cybersecurity Governance and Operations, Data Privacy Legislation and Best Practices, IT General Controls (ITGCs)
• Data Analysis & SQL:
  Experience using SQL for data analysis is highly desired. The ability to achieve proficiency in performing data analytics with SQL within the first 90 days will be required

• Competitive total compensation package
• L&D programs and education subsidy for employees’ growth and development
• Various team building programs and company events
• Wellness and meal allowances
• Comprehensive healthcare schemes for employees and dependants