LLM Security Engineer

OKX

Software Engineering, Data Science
Posted on Dec 23, 2025

Who We Are

At OKX, we believe that the future will be reshaped by crypto, and ultimately contribute to every individual's freedom.

OKX is a leading crypto exchange, and the developer of OKX Wallet, giving millions access to crypto trading and decentralized crypto applications (dApps). OKX is also a brand trusted by hundreds of large institutions seeking access to crypto markets. We are safe and reliable, backed by our Proof of Reserves.

Across our multiple offices globally, we are united by our core principles: We Before Me, Do the Right Thing, and Get Things Done. These shared values drive our culture, shape our processes, and foster a friendly, rewarding, and diverse environment for every OK-er.

OKX is part of OKG, a group that brings the value of Blockchain to users around the world, through our leading products OKX, OKX Wallet, OKLink and more.

Responsibilities
  1. LLM-based Security Detection Engine Development
    1. Design and implement a next-generation code security detection engine based on Large Language Models (LLM), covering scenarios such as vulnerability detection, malicious code identification, and sensitive data leakage.
    2. Responsible for Prompt Engineering optimization, context construction, and result verification to continuously improve the Precision and Recall of the detection engine.
    3. Explore and implement cutting-edge technologies like RAG (Retrieval-Augmented Generation), Multi-agent collaboration, and Chain-of-Thought in security auditing scenarios.

  2. Engineering & Platform Services
    1. Design a high-availability and scalable service architecture to support large-scale, high-concurrency code scanning tasks.
    2. Provide standardized APIs for detection capabilities; build comprehensive systems for rule management, result visualization, and false-positive feedback loops (Human-in-the-loop).
    3. Deeply integrate with DevSecOps workflows; develop plugins and automation solutions for mainstream CI/CD pipelines (e.g., GitLab CI, Tekton, Jenkins).

Requirements
  • Essential
    • Education: Bachelor’s degree or higher in Computer Science, Cyber Security, Software Engineering, or related fields.
    • Development Experience: 3+ years of backend development experience; proficient in at least one mainstream language such as Python, Go, or Java; solid foundation in algorithms and data structures.
    • Security Domain: 1+ year of experience in Static Application Security Testing (SAST) or Software Composition Analysis (SCA); OR deep experience in using/customizing open-source scanners like CodeQL, Semgrep, or SonarQube.
    • LLM Technology: Hands-on experience in LLM application development; familiarity with at least one LLM/Agent framework such as LangChain, LlamaIndex, or AutoGen.
    • Engineering Skills: Familiar with containerization technologies (Docker, Kubernetes) and microservices architecture design.

  • Preferred
    • Implementation Experience: Proven track record of delivering LLM Agent products in vertical domains (e.g., Security, Code Auditing).
    • Model Tuning: Experience with LLM fine-tuning (SFT, LoRA, P-tuning) or local deployment of open-source large models (e.g., Llama 3, Qwen, DeepSeek).
    • Open Source Contributions: High-quality open-source projects on GitHub, or PR contributions to well-known security tools or LLM frameworks.
    • Security Competitions: Awards in CTF competitions, or validated vulnerability submissions to CVE/CNVD.

Notice: All official OKX vacancies are posted on this site. We are not affiliated with other third-party job boards except Linkedin.com; listings on other sites may be inaccurate or outdated. This is the only source of truth for applications.
Information collected and processed as part of the recruitment process of any job application you choose to submit is subject to OKX's Candidate Privacy Notice.