Information Security Engineer

  • Okcoin
  • San Francisco (Remote)
  • Mar 17, 2022
Full time Remote Engineering

Job Description

Who We Are

Okcoin is one of the world’s largest and fastest growing cryptocurrency exchanges. We help millions of people buy and sell bitcoin, and over 30 other crypto assets every day — but our work is a whole lot more than that. We’re building an inclusive future of finance, one that opens new opportunities to learn financial literacy, store value, and build wealth for everyone.

Ready to help the next billion people experience the future of finance with us? Come on board. We have offices in San Francisco, Miami, Malta, Hong Kong, Singapore and Japan. Even though this role is listed in San Francisco, we are remote friendly and believe in you working wherever you work best.

About the Team 

The Information Security team is responsible for the overall security compliance of Okcoin to ensure we properly protect our and our customers’ information and data, ensure we are compliant with various security compliance frameworks and regulations.

About the Opportunity

As Security Compliance Engineer, you have the opportunity to help build and enhance our information security compliance program to secure our and our customers’ data and establish solid security IT environment.

You will be challenged to provide guidance for developing, implementing, and monitoring a strategic, comprehensive Okcoin global cybersecurity and IT risk management program.

You will work with various internal groups to support all information security-related activities.  You will make recommendations to improve the information security compliance program based on the regulation examines, audits, and 3rd party reviews.

You will also have the opportunity to promote security awareness among Okcoin employees.

The successful candidate will thrive in a fast-paced, collaborative, process-driven environment and be able to adapt and adjust plans on-the-fly. You must also have strong prioritization skills and a willingness to roll up one's sleeves to get the job done.

What You’ll Be Doing:

  • Set up and maintain information security compliance program
  • Provide strategic recommendations to enhance processes, procedures, governance approaches, and compliance, including assistance with external and internal auditing, technical reviews, license applications and identification of security risks
  • Conduct 3rd party vendor security review
  • Evaluate and recommend information security solutions for enhancing the Okcoin IT environment
  • Provide training to Okcoin employees on company-wide IT-related policies/procedures
  • Manage the execution of special assignments and projects as directed

What We Look For In You:

  • Strong conceptual thinking and communication skills - the ability to translate complex business and technical requirements into effective and comprehensible solutions.
  • Working knowledge of various regulations such as SOC2, PCI, HIPAA, SOX, international data privacy regulations such as GDPR, CCPA/CPRA.
  • Demonstrated experience with controls definition, development, implementation, and assessment
  • Knowledge of NIST-800, COSO, and ISO 27000 security practice frameworks.
  • Knowledge of security controls (e.g. Logical access, SSO, Firewalls, IDS/IPS, VPN, Web Content Filters, Proxies, DLP, SIEM, Log aggregation, etc.) 
  • Working knowledge of common enterprise applications/tools such as Okta, JAMF, Google Workspace, VPN 
  • Working knowledge of vendor security review

Nice to Haves:

  • Bachelor’s degree in computer science, or equivalent work experience required.
  • Professional security management certification, such as CISA, CISSP, is a plus but not required.
  • Have the experience involved the whole cycle of security compliance certification
  • Experience working with teams across offices and time zones.
  • Fluent in Mandarin and English

Highlights of Perks and Benefits:

  • Market competitive total compensation package
  • Comprehensive insurance package including medical, dental, vision, disability & life insurance (Company pays 100% for employee/80% for dependents)
  • 401K with company contribution
  • Flexible PTO policy, company paid holidays, and flexible hours
  • UberEats Program
  • Paid Parental Leave
  • Employee Referral Bonus Program paid in BTC
  • Company Donation Match
  • More surprises when you join!

Okcoin Statement:

Okcoin is committed to equal employment opportunities regardless of race, color, genetic information, creed, religion, sex, sexual orientation, gender identity, lawful alien status, national origin, age, marital status, and non-job related physical or mental disability, or protected veteran status. Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.