Key skills
JavaScriptPythonGoAIAzureTerraformKubernetesEKSAKSOktaIstioService MeshLeadershipMentoringCommunicationCloud Security
About this role
Okta is The World’s Identity Company, providing secure access and authentication solutions. They are seeking a Staff Software Engineer to design and build security guardrails for a multi-cloud environment, ensuring compliance with security standards and mentoring junior engineers.
Responsibilities:
- Design organization-wide controls (SCPs, Azure Policy) that provide maximum protection with minimum developer friction
- Architect templates and permission boundaries that govern how services and humans interact with our cloud with the principle of least privilege in mind
- Define the security standards for VPC architecture, edge networking, and cross-account connectivity
- Lead platform-related security reviews for new features and high-impact services, ensuring security is baked into the design phase
- Design systems and processes to validate the security posture of the platform, ensuring our security policies are enforced in real-time with actionable feedback for engineering teams
- You raise the bar for the entire organization by mentoring junior engineers and influencing senior leadership on critical security decisions
Requirements:
- 8+ years of proven experience in information security, specifically within cloud-native environments, Kubernetes (EKS, AKS), and cloud security
- Deep understanding of secure networking principles, including VPC peering/transit gateways, VPN implementations, edge protection, and managing public/private PKI infrastructures
- Strong background in building automated controls for enforcing Policy-as-Code within Terraform workflows
- Hands-on experience identifying attack vectors and conducting risk assessments for complex, distributed systems
- Experience working with security platforms for analyzing cloud permissions and a background or interest in applying AI to streamline security tasks and governance
- Exceptional communication skills with a track record of aligning multiple teams toward shared security goals
- A Bachelor's degree in Computer Science, Information Security, Systems Engineering, or a related field
- This position requires the ability to access federal environments and/or have access to protected federal data. As a condition of employment for this position, the successful candidate must be able to submit documentation establishing U.S. Person status (e.g. a U.S. Citizen, National, Lawful Permanent Resident, Refugee, or Asylee. 22 CFR 120.15) upon hire
- Experience navigating compliance frameworks such as FedRAMP, SOC2, or HIPAA in a cloud environment
- Proficiency in one or more languages used for automation and tooling, such as Python, Go, or JavaScript
- Experience creating, managing, and securing containerized environments
- Experience with service mesh (Istio) security policies and zero-trust networking