Back to Jobs

Product Manager - Security & Compliance(Web3)

moomoo logo

moomoo

Shenzhen
Full-TimeShenzhen

Job Description

Job Overview

Responsible for identifying various security risks, leading the implementation of reliable and effective security solutions to meet regulatory requirements across regions, and ensuring the continuous operation of cryptocurrency-related businesses. Key security domains include but are not limited to: physical security, network security, host/endpoint security, and application/business security.

Prefer Location: Shenzhen

Key Responsibilities

  • Security Development
  • Monitor regulatory requirements related to information security, identify compliance gaps, and drive timely remediation to mitigate compliance risks.
  • Define and develop security features and capabilities for exchanges and wallets, including: multi-factor authentication (MFA), encryption/decryption mechanisms, account security, anti-phishing measures, KYC/AML protocols, and physical safeguards.
  • Stay updated on security trends and technological advancements in the cryptocurrency and exchange industries, continuously assessing and improving platform security standards.
  • Security Operations
  • Develop security risk management strategies and requirements, covering areas such as Secure Development Lifecycle (SDLC), vulnerability management, and incident response.
  • Establish end-to-end vulnerability management processes for exchange and wallet applications, ensuring secure delivery from code development to production deployment.
  • Design emergency response protocols, organize drills, and oversee execution during security incidents.
  • Create internal and external security training programs, educate clients on security best practices, and conduct internal employee training (e.g., security awareness workshops, penetration testing simulations).

Requirements

  • Education
  • Bachelor’s degree or higher in Computer Science, Cybersecurity, Information Technology, or a related field.
  • CISSP, CISA, or equivalent security certifications are preferred.
  • Work Experience
  • 3+ years of security product management experience in financial services or the cryptocurrency industry.
  • Technical Skills
  • In-depth knowledge of security requirements and best practices for cryptocurrency trading platforms.
  • Familiarity with common security tools and technologies, including code vulnerability detection, identity authentication, network access control, and data encryption/decryption.
  • Proficient in enterprise-level information security risk management processes and methodologies.
  • Understanding of blockchain security tools and techniques (e.g., smart contract auditing, blockchain security frameworks).
  • Personal Attributes
  • Exceptional communication and cross-functional collaboration skills, strong logical thinking, and prioritization capabilities.
  • Passionate about information security and the Web3 ecosystem.
  • Ability to work effectively in a fast-paced, dynamic environment while maintaining consistent output under high workloads.
  • Self-driven with strong execution skills, setting a benchmark for team members.
  • Proficient in English and Mandarin for efficient collaboration with global markets and institutional clients.