You will be a part of Okta's defensive security team and take a leadership role in Internet-scale defensive security measures surrounding the Okta platform, code base, and infrastructure. This person will be required to work effectively and seamlessly with Okta's existing offensive security team, development team, and DevOps team. The Security Engineer will need to stay ahead of the state of the art in Internet-scale web service security defensive measures.
Job Duties and Responsibilities:
* Play a key role in Okta's Detection and Prevention efforts by collaborating with internal IT, Engineering, DevOps and Product Management teams to facilitate identification, handling and resolution of Corporate and Production environment security incidents
* Monitor, maintain and improve Okta's security detection initiatives by identifying and ingesting new security log sources, and by writing (Anticipated and Reactive) custom security event correlation rules to identify targeted malicious activity
* Lead/contribute to implementation or improvement of automation around AWS Service-level security controls and build solutions for monitoring corporate SaaS services
* Improve monitoring instrumentation, intrusion detection setup & rules, Endpoint detection solution and DNS/Content Filtering systems
* Design, evangelize and implement security process & technical controls to enhance Okta's ability to detect, analyze and prevent malicious activity
* Research new threats, attack vectors, and zero-days that impact Okta's application/infrastructure, provide remediation recommendations, and monitor remediation efforts
* 5+ years of hands-on experience as a lead contributor to Security Operations, Threat Detection, or Security Architecture in cloud environments
* Extensive experience in detecting, alerting and automating triage or remediation of security events
* Experience building security solutions in continuous deployment pipelines
* Deep understanding of the TCP/IP Stack, Web-Application Architecture, and Encryption Fundamentals
* Experience in one or more configuration management or infrastructure as code tools such as Chef, Puppet, Ansible or Terraform
* Working knowledge of Splunk, ELK or other security monitoring/response products
* Experience in Security root cause analysis across systems, network, code in legacy and cloud environments
* Ability to apply knowledge of attacker tools, techniques and procedures to enhance Okta's detection posture
* Proficient in at least one programming language (Python, Ruby, Golang, C/C++, etc.) and experience deploying code in a production environment
* Exposure or experience working with AWS
* Experience utilizing osquery, auditd or other similar insight generation frameworks
* Experience automating integrations between APIs and creating middleware to connect disparate systems
Okta is an Equal Opportunity Employer
About Okta, Inc.
Okta (formerly known as SaaSure) is a provider of an independent identity management platform for enterprises.