Staff Product Security Engineer - Okta

Key Responsibilities

• Define and execute security architecture and threat‑modeling practices for core identity and access management products.
• Conduct deep-dive secure code reviews and penetration testing of new features, providing actionable remediation guidance.
• Collaborate with product, engineering, and DevOps teams to embed security controls into CI/CD pipelines and cloud infrastructure (AWS).
• Mentor senior engineers and cross‑functional teams on secure development best practices and emerging security standards.
• Drive incident response and post‑mortem analysis for security findings, translating lessons into process improvements.

Requirements

• 10+ years of experience in application security, with a focus on cloud‑native SaaS products.
• Proven expertise in threat modeling, secure code review, and vulnerability remediation.
• Strong knowledge of AWS security services, IAM concepts, and DevSecOps tooling.
• Hands‑on experience with penetration testing frameworks and scripting languages (e.g., Python, Bash).
• Excellent communication skills and a track record of influencing engineering culture toward security excellence.