Mobile Engineering Director, Security

About OKX

At OKX, we believe the future will be reshaped by crypto, ultimately contributing to every individual's freedom. OKX is a leading crypto exchange and developer of OKX Wallet, giving millions access to crypto trading and decentralized applications (dApps). We are a trusted brand backed by our Proof of Reserves, with a global presence spanning multiple offices united by our core principles: We Before Me, Do the Right Thing, and Get Things Done.

Security is foundational to everything we build. As we scale across new markets and continue to ship innovative security features, we are looking for a seasoned engineering leader to drive our security engineering mission at the platform and application level.

Role Overview

The Engineering Director, Security will lead a high-performing security engineering function responsible for protecting OKX's platforms, mobile applications, and infrastructure. This is a senior leadership role that spans technical strategy, team building, and hands-on security architecture. You will work cross-functionally with mobile, platform, compliance, and operations teams to embed security across the full software development lifecycle.

What You'll Be Doing

• Define and drive the security engineering roadmap, aligning with broader organizational and product objectives across web, mobile, and infrastructure domains.
• Lead, grow, and retain a diverse team of security engineers, fostering a culture of technical excellence, collaboration, and continuous improvement.
• Own the strategy and execution of application security programs, including threat modeling, vulnerability management, secure code review, and bug bounty operations.
• Partner with mobile and platform engineering teams to embed secure development practices into the SDLC, covering iOS, Android, and web applications.
• Oversee the design and implementation of security SDKs, device integrity mechanisms, and anti-abuse controls for large-scale consumer applications.
• Establish and track key security metrics; define team priorities and ensure equitable resource allocation to sustain a high-performing organization.
• Provide technical direction on security architecture, reviewing designs and guiding engineering teams through complex, ambiguous security challenges.
• Stay current on offensive security techniques, emerging threats, and industry best practices; translate findings into actionable improvements to OKX's security posture.
• Lead and coordinate incident response efforts, producing clear post-incident reports and actionable remediation plans for both technical and management audiences.
• Collaborate with compliance and operations teams to ensure security is a consistent, organization-wide priority.

What We Look For In You

• 8+ years of experience in security engineering or a related field, with at least 3years in a leadership or management role overseeing engineering teams.
• Deep understanding of application security principles across mobile (iOS/Android)and web platforms, including knowledge of common vulnerability classes and mitigation strategies.
• Proven ability to define technical direction and security roadmaps, and to guide teams through the delivery of high-quality security solutions at scale.
• Experience managing security programs end-to-end: vulnerability management, penetration testing, threat modeling, and security incident response.
• Strong communication skills — able to present security findings and strategies clearly to both technical teams and executive stakeholders.
• Experience setting team priorities, managing resources, and building scalable engineering processes in a fast-moving environment.
• Demonstrated ability to build and develop diverse, high-performing security teams.

Nice to Have

• Hands-on experience with mobile security tooling, including security SDK development, reverse engineering, or anti-tampering mechanisms for large-scale consumer applications.
• Familiarity with offensive security techniques, including exploit development, ARM assembly, or native-layer countermeasures.
• Experience in fintech, crypto, or other regulated industries with elevated security and compliance requirements.
• Background in business risk control, fraud prevention, or threat intelligence, with practical knowledge of countermeasures against black and gray market actors.
• Proficiency in code review across mobile or web stacks (Swift, Kotlin, TypeScript/JavaScript).

Perks & Benefits

• Competitive total compensation package
• L&D programs and Education subsidy for employees' growth and development
• Various team building programs and company events
• Wellness and meal allowances
• Comprehensive healthcare schemes for employees and dependents
• More that we love to tell you along the process!