Staff Security Engineer - Vulnerability Management US Public Sector

$180k - $247.5k

Okta, Inc.

Secure Every Identity, from AI to Human

Identity is the key to unlocking the potential of AI. Okta secures AI by building the trusted, neutral infrastructure that enables organizations to safely embrace this new era. This work requires a relentless drive to solve complex challenges with real-world stakes. We are looking for builders and owners who operate with speed and urgency and execute with excellence.

This is an opportunity to do career-defining work. We're all in on this mission. If you are too, let's talk.

Staff Security Engineer - Vulnerability Management, US Public Sector

The Okta Security team's mission is to strengthen Okta's position as the leading Identity-as-a-Service solution by identifying and resolving risks to our employees, product, and most importantly, our customers. With the ever-increasing pace of cloud application adoption, companies are struggling to find ways to accurately assess risk and act at the speed of their business.


The Staff Security Engineer for Public Sector is a key member of the Okta Security team and an essential collaborator with our broader Engineering organization, playing a key part in executing the Vulnerability Management Program's strategy. The Vulnerability Management Program is a crucial pillar of the security organization's imperative to reduce the threats to Okta's infrastructure and applications. You'll be an integral part of building and sustaining strong and effective relationships across Okta with our Engineering, Product and Business Technology counterparts.

What you'll do
  • Own the full lifecycle operations of Asset and Vulnerability Management scanning and reporting infrastructure, including designing new cloud-based and on-prem deployments as required.
  • Assess new and existing scan technologies to determine potential business value.
  • Monitor and respond to security inquiries, requests, and incidents, understanding the technical details of the published vulnerabilities as well as their real risk. Effectively communicate the perceived and real vulnerability impact given the infrastructure context.
  • Contribute to the definition and execution of internal processes that allow for accelerated remediation of critical vulnerabilities and zero-days.
  • Support audit, governance, risk and compliance teams in scanning and reporting on various regulatory compliance and industry best practices including PCI, ISO 27001/27017/27018, NIST SP 800-53 and SOC 2.
  • Assist Okta's Public Sector compliance team in their preparation and maintenance of POAMs (Plan of Action & Milestones) and Continuous Monitoring (ConMon) processes.
  • Track and manage weaknesses or gaps in vulnerability-related security controls, outlining tasks, required resources, milestones, and scheduled completion dates to achieve compliance with standards like NIST 800-171 and CMMC.
  • Participate in other special projects or strategic initiatives at the direction of the Security team.
What you'll bring
  • Must have the ability to work independently on end-to-end delivery of infrastructure deployment and troubleshooting of runtime issues.
  • Proven experience in architecting, deploying, and operating self-hosted vulnerability management and cloud workload security solutions in AWS for regulated or restricted environments.
  • Must have proficiency in AWS core services such as host OS and container deployment, S3, DynamoDB, API Gateway, and others.
  • Experience working with AWS Lambda or similar serverless computing environments for automating vulnerability management scanning and reporting tasks.
  • Proficiency in shell and Python scripting and automation. Familiarity with other scripting and automation tools is a plus.
  • 5+ years of multifaceted cyber security experience in a technology-centric company.
  • 5+ years of experience in building vulnerability scanning solutions within a highly regulated environment such as FedRAMP and various Impact Levels.
  • Functional knowledge of vulnerabilities, exploitation and remediation. You should be able to explain vulnerabilities and exploits as well as propose remediations for the most common vulnerabilities.
  • Experience with commercial or open-source vulnerability and misconfiguration scanners and reporting tools for infrastructure/IP-based assets, containers, CSPM and CNAPP. Examples such as Qualys, TenableSC, Prisma Cloud, Wiz, Orca, Lacework, Paramify, Atlassian Jira and ServiceNow are a plus.
  • Familiarity with industry standards, frameworks and publications such as CVE, CVSS, EPSS, OWASP and CISA KEV catalog.
Who you are
  • You have a deep focus on execution, follow-through, accountability, and results.
  • You have a growth mindset; you thrive on challenge, and you see learnings and opportunities, not failures.
  • You enjoy working with cross-functional teams and have exceptional stakeholder management skills.
  • You surround yourself with high energy, thriving teams to achieve quality outcomes.
Qualifications:
  • Bachelor's degree in Computer Science, Computer Engineering, or equivalent experience.
Additional requirements:
  • This position requires the ability to access federal environments and/or have access to protected federal data. As a condition of employment for this position, the successful candidate must be able to submit documentation establishing U.S. Person status (e.g. a U.S. Citizen, National, Lawful Permanent Resident, Refugee, or Asylee. 22 CFR 120.15) upon hire.

The annual base salary range for this position for candidates located in the San Francisco Bay area is between:


$180,000-$247,500 USD

Below is the annual base salary range for candidates located in California (excluding San Francisco Bay Area), Colorado, Illinois, New York and Washington. Your actual base salary will depend on factors such as your skills, qualifications, experience, and work location. In addition, Okta offers equity (where applicable), bonus, and benefits, including health, dental and vision insurance, 401(k), flexible spending account, and paid leave (including PTO and parental leave) in accordance with our applicable plans and policies. To learn more about our Total Rewards program please visit:


The annual base salary range for this position for candidates located in California (excluding San Francisco Bay Area), Colorado, Illinois, New York, and Washington is between:

$161,000-$221,000 USD

The Okta Experience
  • Supporting Your Well-Being
  • Driving Social Impact
  • Developing Talent and Fostering Connection + Community

We are intentional about connection. Our global community, spanning over 20 offices worldwide, is united by a drive to innovate. Your journey begins with an immersive, in-person onboarding experience designed to accelerate your impact and connect you to our mission and team from day one.

Okta is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, ancestry, marital status, age, physical or mental disability, or status as a protected veteran. We also consider for employment qualified applicants with arrest and convictions records, consistent with applicable laws.

If reasonable accommodation is needed to complete any part of the job application, interview process, or onboarding please use this Form to request an accommodation.

Notice for New York City Applicants & Employees: Okta may use Automated Employment Decision Tools (AEDT), as defined by New York City Local Law 144, that use artificial intelligence, machine learning, or other automated processes to assist in our recruitment and hiring process. In accordance with NYC Local Law 144, if you are an applicant or employee residing in New York City, please click here to view our full NYC AEDT Notice.

Okta is committed to complying with applicable data privacy and security laws and regulations. For more information, please see our Personnel and Job Candidate Privacy Notice at
Vacancy posted 4 days ago