Principal Security Engineer, Identity Defence
Get to know Okta
Okta is The World’s Identity Company. We free everyone to safely use any technology—anywhere, on any device or app. Our Workforce and Customer Identity Clouds enable secure yet flexible access, authentication, and automation that transforms how people move through the digital world, putting Identity at the heart of business security and growth. At Okta, we celebrate a variety of perspectives and experiences. We are not looking for someone who checks every single box - we’re looking for lifelong learners and people who can make us better with their unique experiences. Join our team! We’re building a world where Identity belongs to you.
Information Security is a top business imperative at Okta. In addition to driving security in our Corporate environment and Okta service, the Security team is deeply entrenched in the Okta business. As such, we contribute to product roadmaps, branding, research and other strategic aspects of our operations. We work across multiple functions, business partners and the research community. We are an engineering-focused team that seeks to stay on the cutting edge of security technology and the threat landscape.
Okta’s Defensive Cyber Operations (DCO) organization is building a new team dedicated to identifying attacks against our customers, developing best practices for security configurations to protect against attack, and working closely with Okta’s product teams to ensure additional security controls are implemented in order to better protect our customers. Working in close collaboration with other parts of the organization, this team will have the opportunity to improve the security posture of millions of users.
We are seeking builders who are excited about establishing a new team and helping shape Okta’s customer focused security operations.
Job Duties and Responsibilities
- Identify and respond to attacks targeting customers on the Okta platform through detailed analysis of Okta’s product telemetry.
- Develop dashboards and detection logic to identify known patterns of attack that may succeed should customer’s not implement best practice security controls.
- Automate and orchestrate tasks to enable efficient validation and notification of security-relevant events to our customers.
- Develop and maintain security best practices that put Okta’s security features to use and enable customer facing teams to better communicate how these controls mitigate real world attacks.
- Identify gaps in Okta’s security features or secure by default settings that enable attackers to exploit our customers and collaborate with Okta’s product teams to design and implement additional controls.
- Work closely with Okta’s data scientists in order to test and train new machine learning models by validating real world data and providing known good and bad datasets.
- Collaborate with Okta’s Cyber Threat Research team to share details of threat actor activity and prioritize analytics based on the current cyber threat landscape as it applies to Okta’s customers.
What does it take?
You’re a team player with a thirst for knowledge. You may or may not currently be in a security role, but you are passionate about defending people’s online identities from malicious actors. You’re curious about systems and how they interact, knowing that to properly defend a system you must first understand how it works. You enjoy automating tasks and if you can’t find a tool for the job you create one. You’re calm under pressure and have a good internal compass for taking calculated risks.
Your experience probably includes:
- Learning the ins and outs of new SaaS lproducts: you will be required to quickly become proficient in current and future Okta offerings
- Leading, or contributing to, technology focused teams large or small
- Working on identity and access management, security or data analytics projects.
- Participating or leading complex time-sensitive investigations involving customer account compromise, service abuse, inauthentic behavior or other types of threats an identity service provider would be responsible for helping customers address
- Identifying and solving problems related to complex technology stacks and following through to ensure long term solutions are effectively deployed
- Technologies and protocols to support identity federation and robust access control models (e.g., SAML 2.0, XACML, WS-Federation, WS-Trust, OAuth, OpenID).
- Strong knowledge of a scripting language such as Python
#LI-JP2
#LI-Remote
What you can look forward to as an Full-Time Okta employee!
- Amazing Benefits
- Making Social Impact
- Fostering Diversity, Equity, Inclusion and Belonging at Okta
Okta cultivates a dynamic work environment, providing the best tools, technology and benefits to empower our employees to work productively in a setting that best and uniquely suits their needs. Each organization is unique in the degree of flexibility and mobility in which they work so that all employees are enabled to be their most creative and successful versions of themselves, regardless of where they live. Find your place at Okta today! https://www.okta.com/company/careers/.
Okta is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, ancestry, marital status, age, physical or mental disability, or status as a protected veteran. We also consider for employment qualified applicants with arrest and convictions records, consistent with applicable laws. If reasonable accommodation is needed to participate in the job application or interview process, please use this Form to request an accommodation.
Okta is committed to complying with applicable data privacy and security laws and regulations. For more information, please see our Privacy Policy at https://www.okta.com/privacy-policy/.