Okta for Developers
Staff Security Engineer, TDI
Okta for Developers, San Francisco, California, United States, 94199
Overview
Okta is The World’s Identity Company. We free everyone to safely use any technology, anywhere, on any device or app. Our flexible and neutral products, Okta Platform and Auth0 Platform, provide secure access, authentication, and automation, placing identity at the core of business security and growth.
What You’ll Be Doing
Vulnerability & Asset Management
Lead hands‑on vulnerability remediation efforts across endpoints (Mac/Windows), cloud workloads, and on‑prem assets. Deploy, configure, and operationalize tools such as Snyk, Semgrep, and Qualys to expand scanning coverage for all TDI assets. Collaborate with teams to troubleshoot and remediate findings; provide technical mentorship to developers and admins. Improve vulnerability metrics, reporting, and visibility to drive accountability and measurable risk reduction. Partner with GRC to integrate findings into the risk register and ensure timely remediation or risk acceptance.
Secure Development & DevSecOps Enablement
Embed within product and engineering teams to advise on secure coding, build pipelines, and deployment best practices. Support and enforce ProdSec SDL adoption across business units, standardizing design reviews and requirements gathering. Implement secrets rotation automation and best practices for secrets management across TDI systems. Lead the Security Champions initiative—mentoring developers and SREs on proactive risk mitigation.
Baseline Image & Environment Security
Build and maintain secure baseline container and VM images for AWS environments, integrating core security tooling. Collaborate with SRE to manage update pipelines and enforce compliance with baseline standards. Conduct light Security Architecture Reviews (SARs) for lower environments to confirm proper controls and data handling.
Automation & Continuous Improvement
Develop automation for scanning, reporting, and patch validation. Identify and close gaps across CSPM, CI/CD pipeline security, and endpoint hardening. Provide technical guidance for integrating security into business and productivity platforms (Salesforce, ERP, Google Workspace, Slack, Zoom).
What You’ll Bring (Qualifications)
10+ years of experience in Security Engineering, DevSecOps, or Infrastructure Security within a SaaS or enterprise environment. Hands‑on technical expertise in vulnerability scanning, patching, and remediation across cloud, endpoint, and SaaS ecosystems. Experience deploying and managing Snyk, Semgrep, and Qualys tools. Strong knowledge of AWS security practices, SRE principles, and securing business technology stacks (Salesforce, ERP, Google, Slack, Zoom). Proven ability to coach, mentor, and collaborate with development teams to improve remediation velocity. Practical understanding of secure SDLC / PDLC, supply chain security, and secrets management. Excellent troubleshooting and communication skills, with a proactive and solution‑oriented mindset.
Salary
San Francisco Bay area base range: $148,000—$222,000 USD
Below is the annual base salary range for this position for candidates located in California, Colorado, New York and Washington. Your actual base salary will depend on factors such as your skills, qualifications, experience and work location.
Benefits
Amazing Benefits
Making Social Impact
Developing Talent and Fostering Connection + Community at Okta
Employment Details
Seniority level: Mid‑Senior level
Employment type: Full‑time
Job function: Information Technology
Industries: Software Development
Travel
Some roles may require travel to one of our office locations for in‑person onboarding.
Legal & EEO
Okta is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, ancestry, marital status, age, physical or mental disability, or status as a protected veteran. We also consider for employment qualified applicants with arrest and conviction records, consistent with applicable laws. If reasonable accommodation is needed to complete any part of the job application, interview process, or onboarding, please use this Form to request an accommodation. Okta is committed to complying with applicable data privacy and security laws and regulations. For more information, please see our Personnel and Job Candidate Privacy Notice at https://www.okta.com/legal/personnel-policy.