Staff Software Engineer, Security Engin… at Okta

What you'd actually do

Design organization-wide controls (SCPs, Azure Policy) that provide maximum protection with minimum developer friction.

Architect templates and permission boundaries that govern how services and humans interact with our cloud environment with the principle of least privilege in mind.

Define the security standards for VPC architecture, edge networking, and cross-account connectivity.

Lead platform-related security reviews for new features and high-impact services, ensuring security is baked into the design phase.

Design systems and processes to validate the security posture of the platform, ensuring our security policies are enforced in real-time with actionable feedback for engineering teams.

Skills

Required

8+ years of proven experience in information security, specifically within cloud-native environments, Kubernetes (EKS, AKS), and cloud security.
Deep understanding of secure networking principles, including VPC peering/transit gateways, VPN implementations, edge protection, and managing public/private PKI infrastructures.
Strong background in building automated controls for enforcing Policy-as-Code within Terraform workflows.
Hands-on experience identifying attack vectors and conducting risk assessments for complex, distributed systems.
Experience working with security platforms for analyzing cloud permissions.
Exceptional communication skills with a track record of aligning multiple teams toward shared security goals.
Ability to access federal environments and/or have access to protected federal data.
U.S. Person status

Nice to have

Experience navigating compliance frameworks such as FedRAMP, SOC2, or HIPAA in a cloud environment.
Proficiency in one or more languages used for automation and tooling, such as Python, Go, or JavaScript.
Experience creating, managing, and securing containerized environments.
Experience with service mesh (Istio) security policies and zero-trust networking.

**Secure Every Identity, from AI to Human

**Identity is the key to unlocking the potential of AI. Okta secures AI by building the trusted, neutral infrastructure that enables organizations to safely embrace this new era. This work requires a relentless drive to solve complex challenges with real-world stakes. We are looking for builders and owners who operate with speed and urgency and execute with excellence.

This is an opportunity to do career-defining work. We're all in on this mission. If you are too, let's talk.

We are looking for a Staff Software Engineer that will join the Auth0 Security Engineering organization. You’ll be responsible for designing and building the security guardrails for our multi-cloud environment, translating complex security and compliance standards into programmatic, code-driven policies.

What You Will Do

Cloud Security Strategy**:** Design organization-wide controls (SCPs, Azure Policy) that provide maximum protection with minimum developer friction.
Identity & Access Management (IAM): Architect templates and permission boundaries that govern how services and humans interact with our cloud environment with the principle of least privilege in mind.
Infrastructure & Network Security: Define the security standards for VPC architecture, edge networking, and cross-account connectivity.
Platform Security Architecture: Lead platform-related security reviews for new features and high-impact services, ensuring security is baked into the design phase.
System Design**:** Design systems and processes to validate the security posture of the platform, ensuring our security policies are enforced in real-time with actionable feedback for engineering teams.
Mentorship & Influence: You raise the bar for the entire organization by mentoring junior engineers and influencing senior leadership on critical security decisions.

What You Bring

Cloud & Infrastructure Expertise**:** 8+ years of proven experience in information security, specifically within cloud-native environments, Kubernetes (EKS, AKS), and cloud security.
Network Architecture & PKI: Deep understanding of secure networking principles, including VPC peering/transit gateways, VPN implementations, edge protection, and managing public/private PKI infrastructures.
Policy & Automation Specialist**:** Strong background in building automated controls for enforcing Policy-as-Code within Terraform workflows.
Practical Risk Assessments**:** Hands-on experience identifying attack vectors and conducting risk assessments for complex, distributed systems.
Tooling & AI Proficiency**:** Experience working with security platforms for analyzing cloud permissions and a background or interest in applying AI to streamline security tasks and governance.
Collaborative Influencer**:** Exceptional communication skills with a track record of aligning multiple teams toward shared security goals.
Education**:** A Bachelor's degree in Computer Science, Information Security, Systems Engineering, or a related field.

Nice to Have

Experience navigating compliance frameworks such as FedRAMP, SOC2, or HIPAA in a cloud environment.
Proficiency in one or more languages used for automation and tooling, such as Python, Go, or JavaScript.
Experience creating, managing, and securing containerized environments.
Experience with service mesh (Istio) security policies and zero-trust networking.

Additional requirements:

This position requires the ability to access federal environments and/or have access to protected federal data. As a condition of employment for this position, the successful candidate must be able to submit documentation establishing U.S. Person status (e.g. a U.S. Citizen, National, Lawful Permanent Resident, Refugee, or Asylee. 22 CFR 120.15) upon hire.

#LI-HYBRID

#LI-SH1 P-1609.1_3388437

Below is the annual base salary range for candidates located in California (excluding San Francisco Bay Area), Colorado, Illinois, New York and Washington. Your actual base salary will depend on factors such as your skills, qualifications, experience, and work location. In addition, Okta offers equity (where applicable), bonus, and benefits, including health, dental and vision insurance, 401(k), flexible spending account, and paid leave (including PTO and parental leave) in accordance with our applicable plans and policies. To learn more about our Total Rewards program please visit:https://rewards.okta.com/us.

The annual base salary range for this position for candidates located in California (excluding San Francisco Bay Area), Colorado, Illinois, New York, and Washington is between:

$174,000—$239,000 USD

** The Okta Experience**

Supporting Your Well-Being
Driving Social Impact
Developing Talent and Fostering Connection + Community

We are intentional about connection. Our global community, spanning over 20 offices worldwide, is united by a drive to innovate. Your journey begins with an immersive, in-person onboarding experience designed to accelerate your impact and connect you to our mission and team from day one.

Okta is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, ancestry, marital status, age, physical or mental disability, or status as a protected veteran. We also consider for employment qualified applicants with arrest and convictions records, consistent with applicable laws.

If reasonable accommodation is needed to complete any part of the job application, interview process, or onboarding please use this Form to request an accommodation.

Notice for New York City Applicants & Employees: Okta may use Automated Employment Decision Tools (AEDT), as defined by New York City Local Law 144, that use artificial intelligence, machine learning, or other automated processes to assist in our recruitment and hiring process. In accordance with NYC Local Law 144, if you are an applicant or employee residing in New York City, please click here to view our full NYC AEDT Notice.

Okta is committed to complying with applicable data privacy and security laws and regulations. For more information, please see our Personnel and Job Candidate Privacy Notice at https://www.okta.com/legal/personnel-policy/.

**Secure Every Identity, from AI to Human

This is an opportunity to do career-defining work. We're all in on this mission. If you are too, let's talk.

What You Will Do

Cloud Security Strategy**:** Design organization-wide controls (SCPs, Azure Policy) that provide maximum protection with minimum developer friction.
Identity & Access Management (IAM): Architect templates and permission boundaries that govern how services and humans interact with our cloud environment with the principle of least privilege in mind.
Infrastructure & Network Security: Define the security standards for VPC architecture, edge networking, and cross-account connectivity.
Platform Security Architecture: Lead platform-related security reviews for new features and high-impact services, ensuring security is baked into the design phase.
System Design**:** Design systems and processes to validate the security posture of the platform, ensuring our security policies are enforced in real-time with actionable feedback for engineering teams.
Mentorship & Influence: You raise the bar for the entire organization by mentoring junior engineers and influencing senior leadership on critical security decisions.

What You Bring

Cloud & Infrastructure Expertise**:** 8+ years of proven experience in information security, specifically within cloud-native environments, Kubernetes (EKS, AKS), and cloud security.
Network Architecture & PKI: Deep understanding of secure networking principles, including VPC peering/transit gateways, VPN implementations, edge protection, and managing public/private PKI infrastructures.
Policy & Automation Specialist**:** Strong background in building automated controls for enforcing Policy-as-Code within Terraform workflows.
Practical Risk Assessments**:** Hands-on experience identifying attack vectors and conducting risk assessments for complex, distributed systems.
Tooling & AI Proficiency**:** Experience working with security platforms for analyzing cloud permissions and a background or interest in applying AI to streamline security tasks and governance.
Collaborative Influencer**:** Exceptional communication skills with a track record of aligning multiple teams toward shared security goals.
Education**:** A Bachelor's degree in Computer Science, Information Security, Systems Engineering, or a related field.

Nice to Have

Experience navigating compliance frameworks such as FedRAMP, SOC2, or HIPAA in a cloud environment.
Proficiency in one or more languages used for automation and tooling, such as Python, Go, or JavaScript.
Experience creating, managing, and securing containerized environments.
Experience with service mesh (Istio) security policies and zero-trust networking.

Additional requirements:

This position requires the ability to access federal environments and/or have access to protected federal data. As a condition of employment for this position, the successful candidate must be able to submit documentation establishing U.S. Person status (e.g. a U.S. Citizen, National, Lawful Permanent Resident, Refugee, or Asylee. 22 CFR 120.15) upon hire.

#LI-HYBRID

#LI-SH1 P-1609.1_3388437

The annual base salary range for this position for candidates located in California (excluding San Francisco Bay Area), Colorado, Illinois, New York, and Washington is between:

$174,000—$239,000 USD

** The Okta Experience**

Supporting Your Well-Being
Driving Social Impact
Developing Talent and Fostering Connection + Community

If reasonable accommodation is needed to complete any part of the job application, interview process, or onboarding please use this Form to request an accommodation.

Staff Software Engineer, Security Engineering

What you'd actually do

Skills

Required

Nice to have

What the JD emphasized

What You Will Do

What You Bring

Nice to Have

What You Will Do

What You Bring

Nice to Have