AI Agent Security Research Engineer

About the role

At OKX, we believe that the future will be reshaped by crypto, and ultimately contribute to every individual's freedom. OKX is a leading crypto exchange, and the developer of OKX Wallet, giving millions access to crypto trading and decentralized crypto applications (dApps). OKX is also a trusted brand by hundreds of large institutions seeking access to crypto markets. We are safe and reliable, backed by our Proof of Reserves. Across our multiple offices globally, we are united by our core principles: We Before Me, Do the Right Thing, and Get Things Done. These shared values drive our culture, shape our processes, and foster a friendly, rewarding, and diverse environment for every OK-er. OKX is part of OKG, a group that brings the value of Blockchain to users around the world, through our leading products OKX, OKX Wallet, OKLink and more.

Responsibilities

• AI-Driven Code Security Detection Engine
• Integrate RAG, Chain-of-Thought, Reflection, and other technologies into security audit agents. Continuously optimize detection accuracy and recall rates while establishing a quantifiable evaluation and iteration framework.
• Deeply integrate with DevSecOps workflows. Develop plugins for mainstream pipelines like GitLab CI/CD, Tekton, and Jenkins to achieve "audit-on-commit."
• AI System Security Protection and Threat Response
• Develop Agent workflows for automated alert classification, contextual correlation, and false positive filtering. Integrate RAG-driven threat intelligence retrieval to generate automated analysis conclusions, supporting SOAR platform integration.
• Design human-machine collaboration intervention mechanisms and Agent behavior audit systems to ensure observability, traceability, and intervenability of Agent actions in production environments, adhering to industry standards like the OWASP Top 10 Risks for LLMs.
• Engineering Development and Platform Services
• Construct a highly available, scalable Agent service architecture supporting large-scale concurrent scanning task scheduling and fault tolerance.
• Oversee standardized API output for detection capabilities, building closed-loop systems for rule management, result visualization, and false positive feedback.

Requirements

• Development Experience: 3+ years of backend development experience, proficient in at least one of Python/Go/Java, with a solid engineering foundation.
• Framework Proficiency: Familiarity with at least one agent framework (LangChain, LlamaIndex, AutoGen, CrewAI, or LangGraph), with production project experience.
• Engineering Capabilities: Proficient in Docker and Kubernetes, with expertise in microservices architecture design and deployment.
• Security Tool Experience: Experience with SAST/SCA tools, or deep usage of code auditing tools like CodeQL, Semgrep, or SonarQube.
• Open-Source Contributions: High-quality open-source projects related to agents on GitHub, or pull requests submitted to mainstream LLM frameworks.
• Security Competitions: Awards from CTF competitions, or a track record of submitting CVE/CNVD vulnerabilities.

Benefits

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at okx? Share your experience