What you'd actually do

Develop and refine the strategic roadmap for the Identity Security portfolio. Act as a key stakeholder who directly shapes and prioritizes the core Okta and Auth0 Product roadmaps based on internal deployment findings.

Ensure that as Alpha features are released, Okta’s internal IAM team rigorously tests them and provides real-time feedback through the SDLC process. Own the internal rollout of these features through Early Availability (EA), driving adoption so Okta successfully "drinks its own champagne."

Design the internal rollout blueprint and external product strategy for how Okta DBSSO and Chrome DBSC complement one another, creating a layered defense that protects corporate endpoints from token and cookie exfiltration.

Define the operational and technical guardrails for deploying AI Agents internally and externally—ensuring secure integration via identity gateways, downscoped runtime permissions, and an unbreakable audit trail.

Act as the primary liaison between business units, development, and engineering teams. Lead planning activities, author comprehensive PRDs/user stories, and prioritize features within Scrum/Kanban frameworks.

Skills

Required

Product Management
Technical Program Management
Enterprise Architecture
IAM technologies
developer platforms
enterprise security
machine-to-machine infrastructure
AI agents
LLM applications
security gateways
developer APIs
authentication
authorization
modern communication patterns
MCP
OAuth 2.0
identity threat vectors
AiTM phishing
info-stealer malware
session hijacking
cryptographic hardware-binding
TPM
Secure Enclave
session state
influencing product roadmaps
engineering priorities

Nice to have

Auth0
Okta Device Bound SSO (DBSSO)
Google Chrome Device Bound Session Credentials (DBSC)
Identity Threat Protection (ITP)
Identity Security Posture Management (ISPM)
Model Context Protocol (MCP)

**Secure Every Identity, from AI to Human

**Identity is the key to unlocking the potential of AI. Okta secures AI by building the trusted, neutral infrastructure that enables organizations to safely embrace this new era. This work requires a relentless drive to solve complex challenges with real-world stakes. We are looking for builders and owners who operate with speed and urgency and execute with excellence.

This is an opportunity to do career-defining work. We're all in on this mission. If you are too, let's talk.

The Identity Team

The Identity team's mission is to secure the world's identity connections while building the foundational trust layer for the modern enterprise. As organizations successfully adopt phishing-resistant MFA, attackers have shifted their tactics—increasingly deploying Adversary-in-the-Middle (AiTM) phishing kits and info-stealer malware to execute session hijacking via cookie theft. Furthermore, with the explosive rise of autonomous AI workloads, securing human identity is no longer enough; we must now protect and govern a fast-growing sprawl of non-human, agentic workflows.

The Principal Product Manager Opportunity

We are looking for a highly mature, customer-obsessed, and technically curious Principal Product Manager to drive our Identity Security & Agentic Identity portfolio. In this role, you will be a cornerstone of the "Okta on Okta" team, acting as Customer Zero. You will report directly to the VP of IAM to ensure Okta "drinks our own champagne." You will shepherd cutting-edge features from Alpha through Early Availability (EA)—guaranteeing we are our own first and best customer before these solutions scale to the rest of the world.

Because identity security is a rapidly evolving frontier, this role is less about hitting a specific year-count and more about your professional maturity, strategic judgment, and ability to operate autonomously. You will act as a critical bridge—implementing capabilities internally, capturing real-world insights, and directly influencing and shaping the core Okta and Auth0 Product roadmaps.

Key Portfolio Focus Areas

As the Principal PM, you will drive the strategy and directly influence the product direction for Okta’s premier identity security offerings across both our workforce and developer platforms:

AI Agent & Agentic Identity Security: Leading the strategy for how Okta governs non-human, autonomous AI workloads across our entire product ecosystem:
- O4AA (Okta for AI Agents) & A4AA (Auth0 for AI Agents): Defining authentication and authorization patterns for workforce and developer-facing AI agents.
- Next-Gen Guardrails: Managing token exchange patterns, identity/security gateways, and the Model Context Protocol (MCP) to secure agent-to-data interactions.
Hardware-Bound Session Security: Architecting Okta’s defense against session cookie thievery by leveraging cryptographically hardware-bound tokens. This includes owning the strategy for Okta Device Bound SSO (DBSSO) and Google Chrome Device Bound Session Credentials (DBSC).
Advanced Threat & Posture Management: Integrating Identity Threat Protection (ITP) for continuous risk evaluation and Identity Security Posture Management (ISPM) to surface and remediate hidden risks across human and machine identities.

**What you’ll be doing **

Roadmap Influence & Strategy: Develop and refine the strategic roadmap for the Identity Security portfolio. Act as a key stakeholder who directly shapes and prioritizes the core Okta and Auth0 Product roadmaps based on internal deployment findings.
Champagne Lifecycle Management (Alpha to EA): Ensure that as Alpha features are released, Okta’s internal IAM team rigorously tests them and provides real-time feedback through the SDLC process. Own the internal rollout of these features through Early Availability (EA), driving adoption so Okta successfully "drinks its own champagne."
Anti-Session Hijacking Architecture: Design the internal rollout blueprint and external product strategy for how Okta DBSSO and Chrome DBSC complement one another, creating a layered defense that protects corporate endpoints from token and cookie exfiltration.
Agentic Governance: Define the operational and technical guardrails for deploying AI Agents internally and externally—ensuring secure integration via identity gateways, downscoped runtime permissions, and an unbreakable audit trail.
Execution & Technical Delivery: Act as the primary liaison between business units, development, and engineering teams. Lead planning activities, author comprehensive PRDs/user stories, and prioritize features within Scrum/Kanban frameworks.
Metrics & Insights: Define and monitor KPI-based reporting to provide the VP of IAM and executive leadership with clear visibility into portfolio scope, security coverage, and testing velocity across human and non-human identities.

What you’ll bring to the role

Professional Maturity & Experience: Demonstrated success operating at a Principal level within Product Management, Technical Program Management, or Enterprise Architecture. Experience in IAM technologies, developer platforms (like Auth0), enterprise security, or machine-to-machine infrastructure is highly valued, but your proven ability to lead through influence is paramount.
AI & Developer Tech Literacy: A strong conceptual and technical grasp of how AI agents, LLM applications, security gateways, and developer APIs handle authentication, authorization, and modern communication patterns (like MCP and OAuth 2.0).
Session Security & Threat Literacy: A strong technical understanding of modern identity threat vectors (AiTM phishing, info-stealer malware, session hijacking) and how cryptographic hardware-binding (TPM, Secure Enclave) protects session state.
Strategic Influence: A track record of successfully influencing product roadmaps and engineering priorities across highly matrixed, global organizations without direct reporting authority.
Navigating Ambiguity: Exceptional analytical and problem-solving skills; the ability to maintain composure and produce concrete action plans from incomplete, conflicting, or highly ambiguous inputs.
Executive Presence: Elite presentation, verbal, and written communication skills, with the confidence to brief executive leadership and translate deep technical architecture into compelling business value.

#LI-MC1

#LI-Hybrid

#P21720_3472537

Below is the annual salary range for candidates located in Canada. Your actual salary will depend on factors such as your skills, qualifications, and experience. In addition, Okta offers equity (where applicable), bonus, and benefits, including health, dental, and vision insurance, RRSP with a match, healthcare spending, telemedicine, and paid leave (including PTO and parental leave) in accordance with our applicable plans and policies. To learn more about our Total Rewards program, please visit: https://rewards.okta.com/can.

The annual base salary range for this position for candidates located in Canada is between:

$173,000—$237,600 CAD

The Okta Experience

Supporting Your Well-Being
Driving Social Impact
Developing Talent and Fostering Connection + Community

We are intentional about connection. Our global community, spanning over 20 offices worldwide, is united by a drive to innovate. Your journey begins with an immersive, in-person onboarding experience designed to accelerate your impact and connect you to our mission and team from day one.

Okta is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, ancestry, marital status, age, physical or mental disability, or status as a protected veteran. We also consider for employment qualified applicants with arrest and convictions records, consistent with applicable laws.

If reasonable accommodation is needed to complete any part of the job application, interview process, or onboarding please use this Form to request an accommodation.

Notice for New York City Applicants & Employees: Okta may use Automated Employment Decision Tools (AEDT), as defined by New York City Local Law 144, that use artificial intelligence, machine learning, or other automated processes to assist in our recruitment and hiring process. In accordance with NYC Local Law 144, if you are an applicant or employee residing in New York City, please click here to view our full NYC AEDT Notice.