Auth0 Product Security Engineer

UK Remote; Spain Remote

We are looking for a Product Security Engineer with a passion for building and breaking things to solve security problems in partnership with our Engineering teams. You will have a chance to apply your skills and passion to improve the security of our product on a daily basis. Build security tooling and automation for internal use, support DAST/SAST tooling integration in CI/CD pipeline, educate and support our development teams in prioritizing and remediating vulnerabilities.

 

Responsibilities:

  • Build security tooling and automation for internal use that enables Security Engineering to operate at high speed and wide scale.
  • Manage the lifecycle of Auth0 vulnerability reporting program, including public and private bug bounty program.
  • Drive the prioritization and remediation plan for vulnerabilities in partnership with security champions.
  • Represent Auth0 security team by engaging periodically in internal and external speaking engagements.
  • Embed security assurance scans as an integral part of CI/CD pipeline and influence shift left approach to security(Optional)
  • Manage DAST/SAST/SCA  tools and CI/CD pipeline integration strategy.(Optional)

 

Our Ideal Candidate will have:

  • Good understanding of Web application security, identification, and remediation of code and design flaws.
  • Good understanding of OWASP Top 10 vulnerabilities
  • Good development experience in React, NextJS, TypeScript/JavaScript, Python.
  • Experience in Building security tooling and automation scripts.
  • Experience with security tools (SCA, SAST, DAST, Burp Proxy, ZAP Proxy etc.)
  • Experience with risk management methodologies, design control, vulnerability ranking and remediation prioritization.
  • Ability to explain complex security issues and their impact to diverse audiences

 

Also Nice to have:

  • Basic understanding of API security best practices.
  • Experience with managing company-wide Bug Bounty programs.
  • Experience in external vendor management.

 

Okta is an Equal Opportunity Employer.

Okta is rethinking the traditional work environment, providing our employees with the flexibility to be their most creative and successful versions of themselves, no matter where they are located.  We enable a flexible approach to work, meaning for roles where it makes sense, you can work from the office, or from home, regardless of where you live.  Okta invests in the best technologies and provides flexible benefits and collaborative work environments/experiences, empowering employees to work productively in a setting that best and uniquely suits their needs.  Find your place at Okta https://www.okta.com/company/careers/. 

By submitting an application, you agree to the retention of your personal data for consideration for a future position at Okta.  More details about Okta’s privacy practices can be found at: https://www.okta.com/privacy-policy.

 

#LI-Remote

#LI-SH1

Apply

Resume
Upload Resume/CV (PDF must be less than 8 MB )
Cover Letter
Upload Cover Letter (PDF must be less than 8 MB )