Security Engineer, Detection (Senior/Staff/Principal)

Okta, San Francisco, CA or San Jose, CA

Okta is an integrated identity and mobility management service.

You will be a part of Okta’s defensive security team and take a leadership role in Internet-scale defensive security measures surrounding the Okta platform, code base, and infrastructure. You will be required to work effectively and seamlessly with Okta’s existing offensive security team, development team, and DevOps team. You will also need to stay ahead of the state of the art in defensive security measures for Internet-scale web services.

Job Duties and Responsibilities:

  • Play a key role in Okta’s Detection and Prevention efforts by collaborating with internal IT, Engineering, DevOps and Product Management teams to facilitate identification, handling and resolution of Corporate and Production environment security incidents
  • Monitor, maintain and improve Okta’s security detection initiatives by identifying and ingesting new security log sources, and by writing custom security event correlation rules (both anticipated and reactive) to identify targeted malicious activity
  • Lead/contribute to implementation or improvement of automation around AWS Service-level security controls and build solutions for monitoring corporate SaaS services
  • Improve monitoring instrumentation, intrusion detection setup and rules, the endpoint detection solution, and DNS/content filtering systems
  • Design, evangelize and implement security processes and technical controls to enhance Okta's ability to detect, analyze and prevent malicious activity
  • Research new threats, attack vectors, and zero-days that impact Okta's application/infrastructure, provide remediation recommendations and monitor remediation efforts

Required Skills:

  • 5+ years of hands-on experience as a lead contributor to Security Operations, Threat Detection, or Security Architecture in cloud environments
  • Extensive experience in detecting, alerting and automating triage or remediation of security events
  • Experience building security solutions in continuous deployment pipelines
  • Deep understanding of the TCP/IP Stack, Web-Application Architecture, and Encryption Fundamentals
  • Experience in one or more configuration management or infrastructure as code tools such as Chef, Puppet, Ansible or Terraform
  • Working knowledge of Splunk, ELK or other security monitoring/response products
  • Experience in security root cause analysis across systems, network, and code in legacy and cloud environments
  • Ability to apply knowledge of attacker tools, techniques and procedures to enhance Okta’s detection posture
  • Proficiency in at least one programming language (Python, Ruby, Golang, C/C++, etc.) and experience deploying code in a production environment

Bonus Skills:

  • Exposure or experience working with AWS
  • Experience utilizing OSQuery, Auditd or other similar insight generation frameworks
  • Experience automating integrations between APIs and creating middleware to connect disparate systems

Okta is an Equal Opportunity Employer



About Okta

Okta is the leading independent provider of identity for the enterprise. The Okta Identity Cloud connects and protects employees of many of the world's largest enterprises. It also securely connects enterprises to their partners, suppliers and customers. With deep integrations to over 5,000 applications, the Okta Identity Cloud enables simple and secure access for any user from any device. Thousands of customers, including 20th Century Fox, Adobe, Dish Networks, Experian, Flex, LinkedIn, and News Corp, trust Okta to help them work faster, boost revenue and stay secure. Okta helps customers fulfill their missions faster by making it safe and easy to use the technologies they need to do their most significant work.

Want to learn more about Okta? Visit Okta's website.