Key skills
Data SecurityData ProtectionData PrivacyData Loss Prevention (DLP)Data Security Posture Management (DSPM)Cloud Access Security Broker (CASB)Endpoint DetectionResponse (EDR)Network SecurityEndpoint SecurityCloud SecuritySecurity Compliance Frameworks NISTSecurity Compliance Frameworks ISOSecurity Compliance Frameworks PCISecurity Certifications CISSPSecurity Certifications CISASecurity Certifications CISMSecurity Certifications CDPSEAnalytical ThinkingProject ManagementStrategic ThinkingAIOktaCritical ThinkingCollaboration
About this role
Okta is a company focused on securing identities and enabling organizations to embrace AI safely. They are seeking a Principal Data Security Engineer to drive their internal data security strategy, manage data protection tools, and collaborate with various teams to enhance data security practices.
Responsibilities:
- Serve as the business owner of Okta’s data protection tool suite
- Evaluation and implementation of security tools and services
- Design, establish, and implement the strategy for a multi-year data security maturity roadmap
- Identify patterns and trends in data loss incidents to enhance preventative and detective measures
- Collaborate with the Cyber Defense Team and Technology, Data & Intelligence (TDI) Team to realize data security controls within Okta’s data security technology stack
- Oversee and manage the development, implementation, and uplift of DLP rules
- Work closely with technology teams, Legal, Compliance, and other business units to ensure execution of comprehensive data protection strategies
- Provide clear and concise reports and documentation on data loss incidents and resolutions
- Ability to manage complex projects, including identifying dependencies and evaluating impact
Requirements:
- Bachelor's degree in Information Security, Computer Science, or equivalent experience
- 10+ years of experience in information security with a focus on data security and privacy
- Strong understanding of data protection principles and technologies
- Experience with network security, endpoint security, and cloud security solutions
- Demonstrated experience working in commercial security roles aligned with security compliance frameworks (e.g., NIST, ISO, PCI)
- Experience in building productive relationships and driving collaboration with both technical and non-technical teams
- Clear ability to communicate the desired business outcomes and requirements to technologists building solutions
- Ability to operate effectively in a remote environment
- Self-starting, self-motivated, self-directed, and self-sufficient
- Deep understanding of data security, data protection, and data privacy workstreams and related tooling (DSPM, DLP, CASB..etc)
- Demonstrated experience managing projects and data security tool implementations at a large/comparably sized company, ideally in a regulated industry; and/or Big 4 candidates with related engagement experience
- Strong security background; security certification preferred (e.g., CISA, CISM, CISSP, CDPSE)
- Bachelor's degree or higher in cybersecurity or a related technical focus area and/or equivalent practical experience
- Strategic thinker with strong analytical and critical thinking skills
- Certifications such as CISSP, CISA, CISM, or CDPSE are preferred
- Experience managing small teams and/or more junior team members is strongly preferred