**Secure Every Identity, from AI to Human
**Identity is the key to unlocking the potential of AI. Okta secures AI by building the trusted, neutral infrastructure that enables organizations to safely embrace this new era. This work requires a relentless drive to solve complex challenges with real-world stakes. We are looking for builders and owners who operate with speed and urgency and execute with excellence.
This is an opportunity to do career-defining work. We're all in on this mission. If you are too, let's talk.
About Okta for AI Agents
Okta secures access for 20,000 organizations and billions of users. Okta for AI Agents extends that work to the agentic shift. Deploying an AI agent is not like deploying traditional software. You are putting professional work output into production, and it needs deep integration, continuous tuning, and change management. Every agent needs an identity, a scope, an audit trail, and a way to be shut down when it goes wrong. Most enterprises have not built this yet. We are.
We hire builders who see the cracks in enterprise agent identity that everyone else has learned to live with.
The Role
You are the most senior technical field authority for agent identity at Okta. Where a Senior FDE owns the outcome inside one account, you own the patterns that every account and every FDE inherits. You take the hardest and most strategic deployments yourself, set the reference architecture the team builds from, and turn what the field learns into the direction the product takes.
You still write code. You also multiply the people around you, and you are the person product and engineering leadership call when an agent identity problem has no precedent.
Responsibilities
- **Own the reference architecture. **Define the canonical agent identity, delegation, audit, and kill-switch patterns that Senior FDEs deploy across the portfolio, and keep them current as the standards and the product move.
- **Lead the hardest accounts. **Personally own the most strategic, regulated, or technically novel deployments, the ones where there is no playbook yet.
- **Raise the technical bar. **Review other FDEs’ architectures, coach senior customer engineers and your own team, and set the standard for what good looks like in the field.
- **Shape the roadmap. **Synthesize patterns across every account into a clear point of view, and work directly with product and engineering leadership to prioritize what ships next.
- **Represent Okta as a technical authority. **Brief CISO, CIO, and Chief AI Officer audiences, contribute to the standards and frameworks shaping agent identity, and carry the external technical voice.
- **Resolve what others cannot. **Step into the hardest technical and political situations across accounts and find the path forward.
- **Set the standard for evals and observability. **Define how the team measures authorization latency, scope sprawl, delegation anomalies, audit completeness, and kill-switch verification, so it scales beyond any single customer.
- **Build the team’s leverage. **Turn recurring field work into reusable modules, internal tooling, and enablement so the whole FDE function moves faster.
Requirements
- **Engineering depth. **10+ years shipping production software, with deep distributed systems and identity experience and a track record of staying hands-on while setting direction.
- **Authority-level identity protocols. **OAuth 2.0, OIDC, SAML, SCIM, RFC 8693 token exchange, act claims, CIMD and DCR, DPoP. Contribution to standards or open source is a plus.
- **Deep agent security fluency. **OWASP Top 10 for Agentic Applications, NIST AI RMF, MITRE ATLAS, plus MCP, A2A, ISO/IEC 42001, and the EU AI Act, with the judgment to apply them in HIPAA, FedRAMP, and SOC 2 environments.
- **Expert fine-grained authorization. **ReBAC and ABAC with policy engines (OPA, Cedar, OpenFGA, or equivalent), and command of the design tradeoffs at scale.
- **Proven AI hands-on. **Production integrations across the major agent platforms and MCP, and daily AI-native development.
- **Force multiplier. **A record of setting technical direction across multiple teams or accounts, and of mentoring senior engineers.
- **Customer-facing authority. **Credible from the IDE to the boardroom, trusted by CISOs and principal engineers alike, and steady when account politics get sharp.
- **High agency, founder’s mindset. **Applied to building a function, not just an account.
#LI-Remote
(P25253_3456692)
The annual base salary range for this position for candidates located in the San Francisco Bay area is between:
$269,000—$369,000 USD
Below is the annual base salary range for candidates located in California (excluding San Francisco Bay Area), Colorado, Illinois, New York and Washington. Your actual base salary will depend on factors such as your skills, qualifications, experience, and work location. In addition, Okta offers equity (where applicable), bonus, and benefits, including health, dental and vision insurance, 401(k), flexible spending account, and paid leave (including PTO and parental leave) in accordance with our applicable plans and policies. To learn more about our Total Rewards program please visit: https://rewards.okta.com/us.
The annual base salary range for this position for candidates located in California (excluding San Francisco Bay Area), Colorado, Illinois, New York, and Washington is between:
$240,000—$330,000 USD
** The Okta Experience**
- Supporting Your Well-Being
- Driving Social Impact
- Developing Talent and Fostering Connection + Community
We are intentional about connection. Our global community, spanning over 20 offices worldwide, is united by a drive to innovate. Your journey begins with an immersive, in-person onboarding experience designed to accelerate your impact and connect you to our mission and team from day one.
Okta is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, ancestry, marital status, age, physical or mental disability, or status as a protected veteran. We also consider for employment qualified applicants with arrest and convictions records, consistent with applicable laws.
If reasonable accommodation is needed to complete any part of the job application, interview process, or onboarding please use this Form to request an accommodation.
Notice for New York City Applicants & Employees: Okta may use Automated Employment Decision Tools (AEDT), as defined by New York City Local Law 144, that use artificial intelligence, machine learning, or other automated processes to assist in our recruitment and hiring process. In accordance with NYC Local Law 144, if you are an applicant or employee residing in New York City, please click here to view our full NYC AEDT Notice.
Okta is committed to complying with applicable data privacy and security laws and regulations. For more information, please see our Personnel and Job Candidate Privacy Notice at https://www.okta.com/legal/personnel-policy/.