Security Engineer, Detection (Senior/Staff/Principal)

Full Time
San Francisco, CA
report a problem

Powering the Cloud & Mobile Enterprise
Integrated Identity & Mobility Management

You will be a part of Okta’s defensive security team and take a leadership role in Internet-scale defensive security measures surrounding the Okta platform, code base, and infrastructure. This person will be required to work effectively and seamlessly with Okta’s existing offensive security team, development team, and Okta’s Dev-Ops team. The Security Engineer will need to stay ahead of the state-of-the-art in Internet-scale web service security defensive measures.

Job Duties and Responsibilities:

  • Play a key role in Okta’s Detection and Prevention efforts by collaborating with internal IT, Engineering, DevOps and Product Management teams to facilitate identification, handling and resolution of Corporate and Production environment security incidents
  • Monitor, maintain and improve Okta’s security detection initiatives by identifying and ingesting new security log sources, and by writing (Anticipated and Reactive) custom security event correlation rules to identify targeted malicious activity
  • Lead/contribute to implementation or improvement of automation around AWS Service-level security controls and build solutions for monitoring corporate SaaS services
  • Improve monitoring instrumentation, intrusion detection setup & rules, Endpoint detection solution and DNS/Content Filtering systems
  • Design, evangelize and implement security process & technical controls to enhance Okta's ability to detect, analyze and prevent malicious activity
  • Research new threats, attack vectors, 0 days that impact Okta's application/infrastructure, provide remediation recommendations and monitor remediation efforts

Required Skills:

  • 5+ years of hands-on experience as a lead contributor to Security Operations, Threat Detection, or Security Architecture in cloud environments
  • Extensive experience in detecting, alerting and automating triage or remediation of security events
  • Experience building security solutions in continuous deployment pipelines
  • Deep understanding of the TCP/IP Stack, Web-Application Architecture, and Encryption Fundamentals
  • Experience in one or more configuration management or infrastructure as code tools such as Chef, Puppet, Ansible or Terraform
  • Working knowledge of Splunk, ELK or other security monitoring/response products
  • Experience in Security root cause analysis across systems, network, code in legacy and cloud environments
  • Ability to apply knowledge of attacker tools, techniques and procedures to enhance Okta’s detection posture
  • Proficient in at least one programming language (Python, Ruby, Golang, C/C++ etc) and experience deploying code in a production environment

Bonus Skills:

  • Exposure or experience working with AWS
  • Experience utilizing OSQuery, Auditd or other similar insight generation frameworks
  • Experience automating integrations between APIs and creating middleware to connect disparate systems

Share this job:

Okta, Inc.

Okta is the foundation for secure connections between people and technology. By harnessing the power of the cloud, Okta allows people to access applications on any device at any time, while still enforcing strong security policies. It integrates directly with an organization’s existing directories and identity systems, as well as 4,000+ applications. 

Because Okta runs on an integrated platform, organizations can implement the service quickly at large scale and low total cost. 

More than 2,000 customers, including Adobe, Allergan, Chiquita, LinkedIn, MGM Resorts International and Western Union, trust Okta to help their organizations work faster, boost revenue and stay secure. 
Identity Management, Access Management, Single Sign-On, SaaS, Cloud, User Management, Mobile Security, Mobility Management, IDaaS
Visit Okta, Inc.'s Social Media pages:
Company Industry: Computer Software
Company Type: Privately Held
Company Size: 201-500