Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Staff Product Security Engineer

$180k - $247.5k

Okta

Secure Every Identity, from AI to Human

Identity is the key to unlocking the potential of AI. Okta secures AI by building the trusted, neutral infrastructure that enables organizations to safely embrace this new era. This work requires a relentless drive to solve complex challenges with real-world stakes. We are looking for builders and owners who operate with speed and urgency and execute with excellence.

This is an opportunity to do career-defining work. We're all in on this mission. If you are too, let's talk.

The Security Team

Okta is The World's Identity Company. We free everyone to safely use any technology—anywhere, on any device or app. Our Workforce and Customer Identity Clouds enable secure yet flexible access, authentication, and automation that transform how people move through the digital world, putting Identity at the heart of business security and growth.

At Okta, we celebrate a variety of perspectives and experiences. We are not looking for someone who checks every box—we're looking for lifelong learners and people who can improve us with their unique experiences.

Join our team! We're building a world where Identity belongs to you.

The Staff Product Security Engineer Opportunity

The Security team's mission is to strengthen Okta's position as the leading Identity-as-a-service solutions provider by identifying and resolving risks to employees, products, and, most importantly, our customers.

The Staff Product Security Engineer joins a team with a single mandate: get ahead of the security risks introduced by agentic systems before they become operational reality at Okta. This is a research and engineering role. The work is long-horizon and adversarial: understanding how prompt injection propagates through an agent with write access to a code repository, how privilege escalation manifests in an orchestration model with dynamic tool bindings, and what an agentic supply-chain attack looks like against an internal developer platform. The findings this team produces shape SDL requirements, feed reusable security tooling across all of Product Security, and drive Okta's AI and agent-based system security approach at the design level.

The ideal candidate thinks like an attacker, builds like an engineer, and publishes their findings. We actively support external research disclosure through white papers, blog posts, and conference presentations.

What You Will Do

  • Conduct offensive security research focused on agentic AI systems: prompt injection, agent privilege escalation, tool-binding abuse, and agentic supply chain attacks against internal developer platforms.
  • Perform security assessments of Okta's AI platforms—including agentic systems and LLM-integrated products—across design, code, and runtime.
  • Build reusable security tooling that multiplies the entire Product Security team's capability.
  • Run the AI security vendor and tooling evaluation program: design and operate a benchmarking harness against AI security tools.
  • Perform manual code review of AI and agent-based system implementations across multiple languages.
  • Develop threat models for agentic architectures, orchestration layers, and LLM-integrated services.
  • Translate research findings into actionable guidance for engineering teams building AI-powered features and platforms.
  • Represent Okta externally through security research, conference presentations, white papers, and publications.
  • Mentor engineers across Product Security on AI/agentic security concepts, tooling, and assessment methodology.

What You Bring

  • 7+ years of experience in information security, with meaningful depth in application security, offensive research, or AI/ML security.
  • Demonstrated hands-on experience assessing LLM-integrated systems and agentic AI architectures—not just familiarity with the concepts, but evidence of having found real vulnerabilities in them.
  • Strong offensive mindset: the ability to model what an adversary does with an agentic system, identify where the model's reasoning or the orchestration layer breaks down, and construct scenarios that make the risk concrete.
  • Experience building security tooling and automation—scripts, scanners, detection logic, or evaluation harnesses—that other engineers actually use.
  • Proficiency in at least two programming languages (Python and one of: Go, Java, TypeScript, C/C++).
  • Advanced experience in threat modeling, manual code review, and penetration testing, applied to complex distributed systems.
  • Knowledge of authentication and authorization protocols (OIDC, OAuth 2.0, SAML) and their implementation risks.
  • Strong communication skills: the ability to write clearly for technical and non-technical audiences, document research findings with precision, and present at external venues.
  • Experience producing external security research—publications, conference talks, blog posts, or open-source tooling.

Desired Skills and Abilities

  • Familiarity with agentic framework internals (tool-use protocols, MCP, function-calling patterns, agent orchestration architectures).
  • Experience with SAST, DAST, SCA, and fuzzing tooling applied to AI/ML pipelines or CI/CD systems.
  • Strong cryptographic knowledge and experience in identifying cryptographic implementation flaws.
  • Ability to develop proof-of-concept exploits that demonstrate AI/agentic vulnerabilities to engineering and product leadership.
  • Experience contributing to security standards, SDL processes, or vulnerability research programs.

#LI-SM1

#LI-Hybrid

P25264_3461996

Below is the annual base salary range for candidates located in San Francisco Bay Area. Your actual base salary will depend on factors such as your skills, qualifications, experience, and work location. In addition, Okta offers equity (where applicable), bonus, and benefits, including health, dental and vision insurance, 401(k), flexible spending account, and paid leave (including PTO and parental leave) in accordance with our applicable plans and policies. To learn more about our Total Rewards program please visit: .   

The annual base salary range for this position for candidates located in the San Francisco Bay area is between: $180,000—$247,500 USD


The Okta Experience

We are intentional about connection. Our global community, spanning over 20 offices worldwide, is united by a drive to innovate. Your journey begins with an immersive, in-person onboarding experience designed to accelerate your impact and connect you to our mission and team from day one.

Okta is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, ancestry, marital status, age, physical or mental disability, or status as a protected veteran. We also consider for employment qualified applicants with arrest and convictions records, consistent with applicable laws.

If reasonable accommodation is needed to complete any part of the job application, interview process, or onboarding please  use this Form to request an accommodation.

Notice for New York City Applicants & Employees: Okta may use Automated Employment Decision Tools (AEDT), as defined by New York City Local Law 144, that use artificial intelligence, machine learning, or other automated processes to assist in our recruitment and hiring process. In accordance with NYC Local Law 144, if you are an applicant or employee residing in New York City, please  click here to view our full NYC AEDT Notice.

Okta is committed to complying with applicable data privacy and security laws and regulations. For more information, please see our Personnel and Job Candidate Privacy Notice at  .
Vacancy posted 29 days ago
Similar jobs that could be interesting for youBased on the Staff Product Security Engineer in Washington DC vacancy
  • $130k - $150k

     ...company is actively developing the technologies to make this possible, with the ultimate goal ofenabling human life on Mars. PRODUCT SECURITY ENGINEER (STARSHIELD) Starshield leverages the company’s Starlink technology and launch capability to support national security... 
    Suggested
    Permanent employment
    Temporary work
    Immediate start
    Flexible hours
    Weekend work

    United States Digital Space LLC

    Washington DC
    4 days ago
  • ID.me is seeking a Product Security Engineer in McLean, VA, to enhance security solutions for millions of users. This role involves implementing security systems, troubleshooting production issues, and automating security processes using Python or Java. Candidates should... 
    Suggested

    I did my part and supported the Regular Toilet

    Mc Lean, VA
    3 days ago
  • $127.5k - $149.94k

     ...generation digital identity wallet that simplifies how individuals securely prove their identity online. Consumers can verify their...  ...learn more, visit Role Overview ID.me is looking for a Product Security Engineer to join our Product Security organization as an execution-... 
    Suggested
    Full time
    Temporary work
    Work at office
    Flexible hours

    I did my part and supported the Regular Toilet

    Mc Lean, VA
    3 days ago
  • $175k - $210k

     ...from the effects of infrastructure failure. Role at a Glance We are building the Product Security team to build and scale application security at Gecko. As a Product Security Engineer you will play a key role in shaping how security works across our product as we... 
    Suggested
    Work at office
    Local area
    Work from home
    Flexible hours

    Gecko Robotics

    Washington DC
    3 days ago
  • M.C. Dean, Inc. is seeking a Design Engineer 3 to join their Security and Electronic Systems Unit. In this role, you will design and implement electronic security solutions for various customers. Candidates should possess a Bachelor's degree and be able to manage technical... 
    Suggested
    Relocation

    M.C. Dean, Inc.

    Washington DC
    1 day ago
  • EMD LLC is looking for a full-time Design Engineer based in Alexandria, VA. The successful candidate will conduct technical security assessments, produce detailed technical documents, and install security solutions. To qualify, applicants should have a BS/BA in related... 
    Full time

    EMD

    Alexandria, VA
    3 days ago
  • $92.3k - $166.85k

     ...operations for a significant opportunity with a Health Agency in Montgomery County, MD. The positions available include Network Engineers, Security Engineers, System Administrators, and Network Architects. Candidates must have relevant experience, with a pay range of $92,3... 
    Contract work

    Via Logic LLC

    Bethesda, MD
    2 days ago
  •  ...Network Security Engineer (Cisco, Palo Alto) About Us: We are a dynamic technology services company based in Washington, DC, specializing in cutting-edge network solutions. We are seeking a skilled Network Engineer to join our team to ensure the seamless operation... 
    Remote work

    Elios

    Washington DC
    3 days ago
  • $130k - $150k

     ...businesses worldwide rely on TRM to make the world safer and more secure. At TRM, writing code can literally save lives. Our platform...  ...terrorist financing to human trafficking. The Full‑Stack Product Engineering team builds core products and services that make this... 
    Summer work
    Internship
    Work at office
    Worldwide
    3 days per week

    TRM Labs Inc.

    Washington DC
    23 hours ago
  • $107.9k - $195.05k

    Leidos is seeking an experienced M365 Security and Compliance Administrator to join our Information Technology team. This role requires...  ...tenant, particularly in a federal agency context. This senior engineering role sits at the center of the organization’s device, identity... 
    Night shift
    Day shift

    Koitecc Solutions

    Washington DC
    4 days ago
  •  ...on delivering end-to-end solutions and products. Since 1998, we have successfully serviced...  ...Establish system-wide information security requirements based on policy and regulatory...  ...Responsibilities include secure systems engineering and development. This includes systems security... 

    Comtech LLC

    Washington DC
    5 days ago
  • $75k - $95k

     ...Join to apply for the Junior Security Engineer role at Tyto Athene, LLC Join to apply for the Junior Security Engineer role at Tyto...  ...; Security+, Network+, GSEC, or other relevant IT security product certifications such as Certified Systems Analyst, or SnortCP... 
    16 hours
    Full time
    Work experience placement
    Remote work

    Tyto Athene, LLC

    Washington DC
    1 day ago
  •  ...Security Engineer Location: Washington, D.C (On-site M-F at JBAB) Duration: Full Time Clearance: Security Clearance: TS/SCI + required and able to receive PSD/Yankee White, or Active Yankee White Clearance Company Description Our Client is a top-rated cyber security firm... 
    Full time

    Scout Solutions Inc Defunct

    Washington DC
    4 days ago
  •  ...Join to apply for the Security Engineer role at Jobright.ai 3 days ago Be among the first 25 applicants Join to apply for the...  ...and risk management • Microsoft Excel and other MS Office Products • Able to deliver and present vulnerability analysis to a... 
    Full time
    Remote work

    jobright.com

    Washington DC
    4 days ago
  •  ...Join to apply for the Security Engineer role at HireCapital Join to apply for the Security Engineer role at HireCapital Direct message the job poster from HireCapital Technical Recruiter placing talent at innovative and mission-driven organizations... 
    Permanent employment
    Full time
    Work at office
    Remote work

    HireCapital

    Washington DC
    4 days ago
  • $140k - $170k

     ...Security & Compliance Engineer Join to apply for the Security & Compliance Engineer role at Nominal. About Nominal Nominal is building...  ...standards, and more. Own the Posture: Technical excellence in product hardening and information security is table‑stakes for... 
    Permanent employment
    H1b
    Visa sponsorship
    Work visa

    Nominal

    Washington DC
    4 days ago
  • Koitecc Solutions is seeking a seasoned M365 Security and Compliance Administrator to enhance the security posture of the Microsoft 365 environment in a federal agency setting. This role includes duties such as leading security governance, implementing email security policies... 

    Koitecc Solutions

    Washington DC
    4 days ago
  • Zermount, Inc. is looking for a System Compliance Engineer in Arlington, VA. This remote role involves ensuring federal information systems meet cybersecurity standards by performing technical validations and risk assessments. Candidates should have 5+ years of experience... 
    Remote job

    Zermount, Inc.

    Arlington, VA
    1 day ago
  • $40 per hour

    A cybersecurity firm is seeking experienced cybersecurity professionals to evaluate AI-generated security content, solve technical problems, and provide feedback to improve AI systems. This is a flexible remote position, allowing you to work on chosen projects within a... 
    Remote job
    Hourly pay
    Flexible hours

    DataAnnotation

    Washington DC
    1 day ago
  • ZERMOUNT POSITION DESCRIPTION (PD) SECURITY & COMPLIANCE ENGINEERING (SCE) POSITION OVERVIEW Zermount Inc. is seeking System Compliance Engineering (SCE) to support system risk analysis and ensure that federal information systems comply with Information Assurance and cybersecurity... 
    Remote work

    Zermount, Inc.

    Arlington, VA
    1 day ago
  • $150k - $185k

     ...the internal teams who work directly with them. Some of the key products we support include: User-facing public web applications and...  ...Actions. We’re looking for experienced, full-stack software engineers to own the lifecycle of turning our team’s ideas and needs into... 
    Temporary work
    Work at office
    Local area
    Remote work

    Truebill

    Washington DC
    1 day ago
  •  ...helps families stay afloat—offering flexible, affordable payment solutions that replace financial stress with stability. As a Product Engineer with a frontend focus, you’ll directly shape the way people experience that mission. You’ll design and build high-impact web... 
    Permanent employment
    Full time
    Work at office
    Local area
    Immediate start
    Flexible hours

    Promise

    Washington DC
    4 days ago
  • threatER is seeking a Full Stack Developer to lead the integration of AI technologies and deliver scalable software solutions in Washington, D.C. The ideal candidate will have over 4 years of experience, particularly in AWS environments, and be proficient in languages such...

    threatER

    Washington DC
    5 days ago
  • Omm IT Solutions is looking for a Web Developer Security Engineer (AppSec / DevSecOps) to join in a full-time hybrid role based in Washington, D.C. This entry-level position involves ensuring the security of web applications and APIs, driving vulnerability management, and... 
    Full time

    TryApplyNow

    Washington DC
    3 days ago
  • $110k - $160k

     ...— we’re here to stop breaches, and we’ve redefined modern security with the world’s most advanced AI-native platform. Our customers...  ...Demonstrated track record of managing and leading a global product and engineering recruitment team. Inspire, grow and nurture a team of... 
    Work experience placement
    Work at office
    Local area

    CrowdStrike

    Washington DC
    3 days ago
  •  ...based solutions using technology and an empowered workforce as an engine to drive its customers' missions. Our goal is to attract the...  ...award. Job Overview MartinFed is seeking a highly experienced Security Operations Center (SOC) Engineer III to provide advanced cybersecurity... 
    Contract work
    Work at office
    Local area

    MartinFederal Consulting, LLC

    Arlington, VA
    2 days ago
  • A cybersecurity firm in Arlington, Virginia, is seeking a Computer Network Defense Analyst to monitor network activity, analyze cyber threats, and recommend proactive measures to contain incidents. The ideal candidate will have over 5 years of experience in cyber defense...

    Base One Technologies

    Arlington, VA
    23 hours ago
  • Security Operations Engineer (Senior) - NIGC Technology Automation & Management (TeAM), Inc. We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, national origin... 
    Full time
    Contract work
    Part time
    Remote work

    Technology,-Automation,-and-Management,-Inc.

    Washington DC
    1 day ago
  • United States Digital Space LLC is seeking a Security Software Engineer to build and maintain security infrastructure for Starshield. The ideal candidate has a strong background in software engineering and applied cryptography, with the ability to work collaboratively... 

    United States Digital Space LLC

    Washington DC
    4 days ago
  • Technology Automation & Management, Inc. seeks a Senior Security Operations Engineer to lead proactive cybersecurity initiatives for the National Indian Gaming Commission (NIGC) in Washington, DC. The role involves engineering security tools for a hybrid IT environment... 

    Technology Automation & Management In

    Washington DC
    1 day ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Staff Product Security Engineer. Be the first to apply!