Staff Product Security Engineer
$180k - $247.5kOkta
Secure Every Identity, from AI to Human
Identity is the key to unlocking the potential of AI. Okta secures AI by building the trusted, neutral infrastructure that enables organizations to safely embrace this new era. This work requires a relentless drive to solve complex challenges with real-world stakes. We are looking for builders and owners who operate with speed and urgency and execute with excellence. This is an opportunity to do career-defining work. We're all in on this mission. If you are too, let's talk.The Security Team
Okta is The World's Identity Company. We free everyone to safely use any technology—anywhere, on any device or app. Our Workforce and Customer Identity Clouds enable secure yet flexible access, authentication, and automation that transform how people move through the digital world, putting Identity at the heart of business security and growth.
At Okta, we celebrate a variety of perspectives and experiences. We are not looking for someone who checks every box—we're looking for lifelong learners and people who can improve us with their unique experiences.
Join our team! We're building a world where Identity belongs to you.
The Staff Product Security Engineer Opportunity
The Security team's mission is to strengthen Okta's position as the leading Identity-as-a-service solutions provider by identifying and resolving risks to employees, products, and, most importantly, our customers.
The Staff Product Security Engineer joins a team with a single mandate: get ahead of the security risks introduced by agentic systems before they become operational reality at Okta. This is a research and engineering role. The work is long-horizon and adversarial: understanding how prompt injection propagates through an agent with write access to a code repository, how privilege escalation manifests in an orchestration model with dynamic tool bindings, and what an agentic supply-chain attack looks like against an internal developer platform. The findings this team produces shape SDL requirements, feed reusable security tooling across all of Product Security, and drive Okta's AI and agent-based system security approach at the design level.
The ideal candidate thinks like an attacker, builds like an engineer, and publishes their findings. We actively support external research disclosure through white papers, blog posts, and conference presentations.
What You Will Do
- Conduct offensive security research focused on agentic AI systems: prompt injection, agent privilege escalation, tool-binding abuse, and agentic supply chain attacks against internal developer platforms.
- Perform security assessments of Okta's AI platforms—including agentic systems and LLM-integrated products—across design, code, and runtime.
- Build reusable security tooling that multiplies the entire Product Security team's capability.
- Run the AI security vendor and tooling evaluation program: design and operate a benchmarking harness against AI security tools.
- Perform manual code review of AI and agent-based system implementations across multiple languages.
- Develop threat models for agentic architectures, orchestration layers, and LLM-integrated services.
- Translate research findings into actionable guidance for engineering teams building AI-powered features and platforms.
- Represent Okta externally through security research, conference presentations, white papers, and publications.
- Mentor engineers across Product Security on AI/agentic security concepts, tooling, and assessment methodology.
What You Bring
- 7+ years of experience in information security, with meaningful depth in application security, offensive research, or AI/ML security.
- Demonstrated hands-on experience assessing LLM-integrated systems and agentic AI architectures—not just familiarity with the concepts, but evidence of having found real vulnerabilities in them.
- Strong offensive mindset: the ability to model what an adversary does with an agentic system, identify where the model's reasoning or the orchestration layer breaks down, and construct scenarios that make the risk concrete.
- Experience building security tooling and automation—scripts, scanners, detection logic, or evaluation harnesses—that other engineers actually use.
- Proficiency in at least two programming languages (Python and one of: Go, Java, TypeScript, C/C++).
- Advanced experience in threat modeling, manual code review, and penetration testing, applied to complex distributed systems.
- Knowledge of authentication and authorization protocols (OIDC, OAuth 2.0, SAML) and their implementation risks.
- Strong communication skills: the ability to write clearly for technical and non-technical audiences, document research findings with precision, and present at external venues.
- Experience producing external security research—publications, conference talks, blog posts, or open-source tooling.
Desired Skills and Abilities
- Familiarity with agentic framework internals (tool-use protocols, MCP, function-calling patterns, agent orchestration architectures).
- Experience with SAST, DAST, SCA, and fuzzing tooling applied to AI/ML pipelines or CI/CD systems.
- Strong cryptographic knowledge and experience in identifying cryptographic implementation flaws.
- Ability to develop proof-of-concept exploits that demonstrate AI/agentic vulnerabilities to engineering and product leadership.
- Experience contributing to security standards, SDL processes, or vulnerability research programs.
#LI-SM1
#LI-Hybrid
P25264_3461996
Below is the annual base salary range for candidates located in San Francisco Bay Area. Your actual base salary will depend on factors such as your skills, qualifications, experience, and work location. In addition, Okta offers equity (where applicable), bonus, and benefits, including health, dental and vision insurance, 401(k), flexible spending account, and paid leave (including PTO and parental leave) in accordance with our applicable plans and policies. To learn more about our Total Rewards program please visit: .
The annual base salary range for this position for candidates located in the San Francisco Bay area is between: $180,000—$247,500 USD
The Okta Experience
We are intentional about connection. Our global community, spanning over 20 offices worldwide, is united by a drive to innovate. Your journey begins with an immersive, in-person onboarding experience designed to accelerate your impact and connect you to our mission and team from day one.
Okta is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, ancestry, marital status, age, physical or mental disability, or status as a protected veteran. We also consider for employment qualified applicants with arrest and convictions records, consistent with applicable laws. If reasonable accommodation is needed to complete any part of the job application, interview process, or onboarding please use this Form to request an accommodation. Notice for New York City Applicants & Employees: Okta may use Automated Employment Decision Tools (AEDT), as defined by New York City Local Law 144, that use artificial intelligence, machine learning, or other automated processes to assist in our recruitment and hiring process. In accordance with NYC Local Law 144, if you are an applicant or employee residing in New York City, please click here to view our full NYC AEDT Notice. Okta is committed to complying with applicable data privacy and security laws and regulations. For more information, please see our Personnel and Job Candidate Privacy Notice at .$168k - $280k
...named one of America’s best startup employers by Forbes. About the Role We’re looking for a hands‑on staff security engineer to play a key role in building Rippling’s Product Security program. As an early member of the team, you’ll have a meaningful impact on the security...SuggestedWork at officeRelocation3 days per week1 day per week- ...identity verification infrastructure where security isn't a layer we add later, it's core to... ...compromised. As AI tooling expands what engineers can build and how fast they can build it... ...scale security across every team and product. Partner with product engineers to shape...SuggestedFull timeFor contractorsInternshipRelocation package
- ...identity verification infrastructure where security isn't a layer we add later, it's core to... ...compromised. As AI tooling expands what engineers can build and how fast they can build it... ...problem. What you'll work on This is a product security role embedded in a generalist...SuggestedFull timeFor contractorsInternshipRelocation package
$188k - $282k
...inflection point. With 1500+ customers in 60+ countries, strong product-market fit, and world-class investor support, we’re... ...just getting started. Role Overview As a Senior Software Engineer on the Product Security team at Harvey, you'll be a key technical contributor...SuggestedWork experience placement$160k - $240k
...Astranis satellites provide dedicated, secure networks to highly-sophisticated customers... ...and Fidelity, and employs a team of 450 engineers and entrepreneurs. Astranis designs,... ...in Northern California, USA. Senior Product Security Engineer As a Senior Product...SuggestedPermanent employmentFlexible hours$144.8k - $261.45k
...one of the world's most innovative software companies whose products touch billions of people around the world, Adobe empowers everyone... ...big idea could be yours. The Opportunity The Adobe Security Engineering Partnerships (SEP) team is seeking a Senior Product Security...Temporary workLocal areaWorldwide$130k - $180k
...About the role We are looking for an early-career Security Engineer to join our Product Security team, someone who has a builder's mindset, is eager to learn, and is excited to contribute to both planned initiatives and dynamic, real-time security needs with enough...Full timeWork at officeLocal areaRemote workNight shift$175k - $215k
...and we're looking for someone to make sure it's built securely from the ground up. As part of the Product Security team, you won't just be securing the future, you'll be building it, working closely with engineering teams, shipping production code, designing secure architectures...Temporary work$187k - $260k
...Airtable to transform how work gets done. Join Airtable as a Product Security Engineer and play a pivotal role in shaping the security of our... ..., and strategic planning for the security team. ~(Senior/Staff L5+) Lead complex threat modeling sessions for major product...For contractorsLive inRemote work$225k - $275k
...hidden fees or compounding interest. Affirm values information security as a critical part of the company’s continued success. Our mission... ..., enabling the company to succeed in building honest financial products. The Security team posture increases security and reduces risk...Casual workWork at officeRemote workFlexible hours$276k - $320k
...Staff Product Security Engineer San Francisco — Security About the Opportunity As a Product Security Engineer, you will be a hands‑on technical leader responsible for safeguarding the products and services that power the World project. You will be "In the Driver's Seat...Local areaFlexible hours$50 per hour
...computational biology. About This Role Crusoe Security & Compliance is hiring a Senior/Staff Application Security Engineer to play a critical role in ensuring the security... ...of our security posture, making our products safer and our customers' data more secure. A Day...Temporary work$235k - $275k
...Code Red is partnered with a unicorn FinTech in SF to bring on a Staff Product Security Engineer . This will be a foundational hire within a small, high‑impact security org that supports a global organization in hypergrowth mode. Base Pay Range $235,000.00/yr -...Full time$220k - $330k
...point. With 1500+ customers in 60+ countries, strong product-market fit, and world-class investor support, we’re scaling... ...— and we’re just getting started. ROLE OVERVIEW As a Staff Software Engineer on the Product Security team at Harvey, you'll play a critical role in...Work experience placement$208k - $312k
About the Role: We are looking for a Product Security Engineer to join our security team to drive critical product security initiatives across Vercel’s products and platform. Your core focus will be on threat modeling, open-source software security, secure code review,...Work at officeRemote workWork from homeMonday to FridayFlexible hours- Rippling is looking for a hands-on staff security engineer based in San Francisco, CA. You will play a key role in building the Product Security program and will work closely with engineering partners to ensure the application’s security. The ideal candidate has over 5...
- ...the workplace. The Role Maintaining the security and privacy of our users is paramount.... ...This role offers an opportunity to apply engineering and security skills to make a direct impact... ...posture. This role is part of the Product Security (ProdSec) team, reports to the...Full timeRemote workFlexible hours
- ...identity verification infrastructure where security isn't a layer we add later, it's core to... .... As AI tooling expands what engineers can build and how fast they can build it... ...that scale security across every team and product. Partner with product engineers to shape...Full timeFor contractorsInternshipRelocation package
$272k - $320k
...empower, and be owned by everyone. About the Security team: Well beyond “regular company... ...and software security. The team of 15+ engineers helps guide, blockchain, device, cloud,... ...complex security challenges throughout our product lifecycle. As a key architect of our...Flexible hours- A leading mental health solutions company is seeking a security engineer to enhance product security and compliance. The role involves analyzing application vulnerabilities, integrating security practices across development, and collaborating with engineering teams. Candidates...Remote work
$300 per month
...energy and intelligence. We’re crafting the engine that powers a world where people can... ...infrastructure. About This Role At Crusoe, the AI Security Engineer is central to ensuring the... ..., moving from proof‑of‑concept to production at scale. Secure MLOps & Governance: Establish...Temporary work- A leading tech organization is seeking a Product Security Engineer to lead security initiatives and safeguard its innovative products. This hands-on role involves embedding security throughout the development lifecycle, performing in-depth code reviews, and managing vulnerability...
- A leading tech company in San Francisco is seeking a Senior/Staff Application Security Engineer to ensure the security of its applications and infrastructure. The role involves integrating security into the software development lifecycle, conducting assessments, and mentoring...
- Airwallex Pty Ltd. is looking for a Staff Product Security Engineer in San Francisco to join the Information Security team. This hands-on role involves designing and managing security controls to protect our infrastructure and systems against cybersecurity threats. The...
$200k - $275k
A leading financial technology company is looking for a security engineer to enhance product security and automate processes. Responsibilities include collaborating with product teams on security measures, conducting threat modeling and analysis, as well as reviewing source...Remote job- A leading identity verification company in San Francisco seeks a skilled Product Security Engineer. In this role, you'll drive the vulnerability lifecycle, design scalable security systems, and partner with engineers to ensure secure product development. Candidates should...Relocation package
- ...the team Airwallex’s Information Security team partners closely with engineering, IT, and other stakeholders to protect... ...across the company—from secure product and infrastructure design to risk... ...treated as a blocker. Your role As a Staff Product Security Engineer at...
$189k - $315k
Rippling in San Francisco is looking for a hands-on staff security engineer to build their Product Security program. You will address a variety of security challenges in a supportive and collaborative environment as a vital team member. With a focus on eliminating vulnerabilities...- ...and collaborative; turn zero‑to‑one ideas into real products, and you “get stuff done” end-to-end. You use AI to work... ...’s next. About the team Airwallex’s Information Security team partners closely with engineering, IT, and other stakeholders to protect our systems, data...Full timeWorldwide
- Vercel is seeking a Product Security Engineer to lead security initiatives across its products and platforms. In this high-impact role, you will focus on threat modeling, secure code review, and managing bug bounty programs, ensuring comprehensive security practices are...Remote jobFlexible hours
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Staff Product Security Engineer. Be the first to apply!
- assistant civil engineer San Francisco, CA
- engineering aide San Francisco, CA
- assistant mechanical engineer San Francisco, CA
- assistant engineering manager San Francisco, CA
- project engineer assistant project manager San Francisco, CA
- senior staff systems engineer San Francisco, CA
- staff automation engineer San Francisco, CA
- staff design engineer San Francisco, CA
- staff security engineer San Francisco, CA
- staff engineer San Francisco, CA

