Reports to: Vice President, Business Technology, Infrastructure and Operations
Information Security is a top business imperative at Okta. In addition to driving security in our corporate environment, the Business Technology (BT) team is deeply entrenched in the Okta business. We are an engineering-focused team that seeks to stay on the cutting edge of technology.
We are looking for an experienced information security leader to drive Okta’s enterprise security program covering Okta’s Business Technology environment from end-user computing to cloud infrastructure and our SaaS providers that make our company tick. This role takes responsibility for the stable delivery of effective Business Technology security services within the company as the end-to-end owner of a portfolio of security services from strategy and planning to management and delivery.
Senior Director of Enterprise Security is a strategic role who partners with the CSO and the Okta Security team to ensure the effective design and operation of a global information risk management program and the cybersecurity organization.
The successful candidate will be an experienced technical leader with strong communication skills and an operational and technical experience background. You will have prior experience working with security technologies and managing the day-to-day operations of security solutions. As a partner to the broader Okta Security team, you will have experience influencing others concerning security policies and standards and the know-how to balance security needs and user experience. You will also participate as part of security incident response processes.
What you get to do in this role:
- Serve as the primary point of contact and trusted authority for IT security services at Okta
- Develop a vision and strategy for enterprise security that meets industry standards and customer requirements
- Provide leadership and direction, ranging from planning and budgeting, motivational and promotional activities to mentoring and sponsorship of staff
- Deliver meaningful metrics and reporting across a range of security services to inform decisions based on accurate, up-to-date measurements of threat and risk
- Drive governance forums for each of the security services that deliver by several different teams across the company
- Recommend additional security solutions or enhancements to existing security solutions to improve overall enterprise security.
- Partner with other areas of the security and technology organization to drive remediation of findings.
- Interact with senior management through documentation and presentations on security assurance-related matters.
- Ensure effective planning and testing of the Disaster Recovery Plan in relation to IT security services
- Offer pragmatic advice and practical assistance on security risk and control selection activities.
- Manage the deployment and management of security services using next-generation products to stay abreast of and ahead of real-world threats and attacks
- Work with business executives to prioritize security initiatives and spending based on identified cyber risk and internal risk appetite.
- Maintain up-to-date, detailed knowledge of the information security industry, including awareness of new or revised security technologies, improved security processes, and the development of new attacks and threat vectors.
To be successful in this role, we need someone who has:
- Bachelor's degree or equivalent
- 10+ years of security experience
- Demonstrated proficiency with security and/or identity products
- Experience with security assurance tools(DLP, Patch Management, Antivirus, Malware, etc..).
- Experience in DevOps, Infrastructure security architecture, compliance, and risk management.
- Strong troubleshooting experience and skills to resolve incidents across multiple domains.
- Extensive experience with cloud security architectures and solutions
- Understanding of Compliance and Security frameworks not limited to COBIT, NIST CSF, CIS Top 20, SOX, GDPR, HIPPA, SOC 2, FedRAMP
- Knowledge of security monitoring and detection tools and practices
- Cross-functional solid leadership and team-building skills
- Experience engaging other security teams, IT, and corporate customers regarding security
- Ability to effectively prioritize and execute tasks in a high-pressure environment.
- Good written, oral, and interpersonal communication skills.
- Ability to conduct research into IT security issues and products as required.
- Ability to present ideas in business-friendly and user-friendly language.
- Highly self-motivated and keen attention to detail.
- Builds Effective Teams: Building strong-identity teams that apply their diverse skills and perspectives to achieve common goals.
- Demonstrates Self-Awareness (EQ): Using a combination of feedback and reflection to gain productive insight into personal strengths and weaknesses.
- Develops Talent: Developing people to meet both their career goals and the organization’s goals.
- Drives Results: Consistently achieving results, even under tough circumstances.
- Strategic Mindset: Seeing ahead to future possibilities and translating them into breakthrough strategies.
Okta is an Equal Opportunity Employer.
Okta is rethinking the traditional work environment, providing our employees with the flexibility to be their most creative and successful versions of themselves, no matter where they are located. We enable a flexible approach to work, meaning for roles where it makes sense, you can work from the office, or from home, regardless of where you live. Okta invests in the best technologies and provides flexible benefits and collaborative work environments/experiences, empowering employees to work productively in a setting that best and uniquely suits their needs. Find your place at Okta https://www.okta.com/company/careers/.
By submitting an application, you agree to the retention of your personal data for consideration for a future position at Okta. More details about Okta’s privacy practices can be found at: https://www.okta.com/privacy-policy.