Senior Security Engineer, TDI

Get to know Okta

Okta is The World’s Identity Company. We free everyone to safely use any technology, anywhere, on any device or app. Our flexible and neutral products, Okta Platform and Auth0 Platform, provide secure access, authentication, and automation, placing identity at the core of business security and growth.

At Okta, we celebrate a variety of perspectives and experiences. We are not looking for someone who checks every single box - we’re looking for lifelong learners and people who can make us better with their unique experiences.

Join our team! We’re building a world where Identity belongs to you.

We are seeking a highly skilled and hands-on Security Engineer with a DevSecOps focus to join the TDI BT Security team. In this role, you will be embedded directly within our technical environments, working side-by-side with engineering and operations teams to strengthen Okta’s security posture across infrastructure, cloud, and business systems.

This is a tactical and strategic role—you will not only coach and mentor teams on vulnerability remediation but also be capable of performing and validating remediations yourself. The ideal candidate combines deep technical security expertise with the ability to troubleshoot in complex environments and drive measurable improvements across the vulnerability management lifecycle.

You’ll partner closely with Security, SRE, and Engineering teams to implement scalable security controls, automate scanning and remediation workflows, and ensure our platforms—from AWS and endpoints to GTM applications like Salesforce, ERP, Google Workspace, Slack, and Zoom—are secure by design.

What You’ll Be Doing

Vulnerability & Asset Management

Lead hands-on vulnerability remediation efforts across

endpoints (Mac/Windows)

, cloud workloads, and on-prem assets.

Deploy, configure, and operationalize tools such as

Snyk

,

Semgrep

, and

Qualys

to expand scanning coverage for all TDI assets.

Collaborate with teams to troubleshoot and remediate findings; provide technical mentorship to developers and admins.

Improve vulnerability metrics, reporting, and visibility to drive accountability and measurable risk reduction.

Partner with GRC to integrate findings into the risk register and ensure timely remediation or risk acceptance.

Secure Development & DevSecOps Enablement

Embed within product and engineering teams to advise on

secure coding, build pipelines, and deployment best practices

.

Support and enforce

ProdSec SDL

adoption across business units, standardizing design reviews and requirements gathering.

Implement

secrets rotation automation

and best practices for secrets management across TDI systems.

Lead the

Security Champions

initiative—mentoring developers and SREs on proactive risk mitigation.

Baseline Image & Environment Security

Build and maintain secure

baseline container and VM images

for AWS environments, integrating core security tooling.

Collaborate with SRE to manage update pipelines and enforce compliance with baseline standards.

Conduct light

Security Architecture Reviews (SARs)

for lower environments to confirm proper controls and data handling.

Automation & Continuous Improvement

Develop automation for scanning, reporting, and patch validation.

Identify and close gaps across

CSPM, CI/CD pipeline security

, and endpoint hardening.

Provide technical guidance for integrating security into business and productivity platforms (Salesforce, ERP, Google Workspace, Slack, Zoom).

What You’ll Bring (Qualifications)

7+ years

of experience in

Security Engineering, DevSecOps, or Infrastructure Security

within a SaaS or enterprise environment.

Hands-on technical expertise in

vulnerability scanning, patching, and remediation

across

cloud, endpoint, and SaaS ecosystems

.

Experience Deploying And Managing

Snyk

,

Semgrep

, and

Qualys

tools.

Strong knowledge of

AWS

security practices,

SRE

principles, and securing business technology stacks (Salesforce, ERP, Google, Slack, Zoom).

Proven ability to coach, mentor, and collaborate with development teams to improve remediation velocity.

Practical understanding of

secure SDLC / PDLC

,

supply chain security

, and

secrets management

.

Excellent troubleshooting and communication skills, with a proactive and solution-oriented mindset.

1

P21924_3270184

The annual base salary range for this position for candidates located in the San Francisco Bay area is between:

$148,000

—

$222,000 USD

Below is the annual base salary range for candidates located in California (excluding San Francisco Bay Area), Colorado, Illinois, New York and Washington. Your actual base salary will depend on factors such as your skills, qualifications, experience, and work location. In addition, Okta offers equity (where applicable), bonus, and benefits, including health, dental and vision insurance, 401(k), flexible spending account, and paid leave (including PTO and parental leave) in accordance with our applicable plans and policies. To learn more about our Total Rewards program please visit:

https://rewards.okta.com/us

.

The annual base salary range for this position for candidates located in California (excluding San Francisco Bay Area), Colorado, Illinois, New York, and Washington is between:

$132,000

—

$198,000 USD

What you can look forward to as a Full-Time Okta employee!

Amazing

Benefits

Making

Social Impact

Developing

Talent and Fostering Connection + Community at Okta

Okta cultivates a dynamic work environment, providing the best tools, technology and benefits to empower our employees to work productively in a setting that best and uniquely suits their needs. Each organization is unique in the degree of flexibility and mobility in which they work so that all employees are enabled to be their most creative and successful versions of themselves, regardless of where they live. Find your place at Okta

today!

https://www.okta.com/company/careers/

.

Some roles may require travel to one of our office locations for in-person onboarding.

Okta is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, ancestry, marital status, age, physical or mental disability, or status as a protected veteran. We also consider for employment qualified applicants with arrest and convictions records, consistent with applicable laws.

If reasonable accommodation is needed to complete any part of the job application, interview process, or onboarding please use this

Form

to request an accommodation.

Okta is committed to complying with applicable data privacy and security laws and regulations. For more information, please see our Personnel and Job Candidate Privacy Notice at

https://www.okta.com/legal/personnel-policy/.