We are looking for a Product Security Engineer with a passion for building and breaking things to solve security problems in partnership with our Engineering teams. You will have a chance to apply your skills and passion to improve the security of our product on a daily basis. Facilitate and support Architecture, Engineering and Product teams to embed security into every stage of the product life cycle.
- Security Partnership for new product development, contributing security-focused feedback during all phases of the development lifecycle
- Build threat models and conduct risk assessments.
- Perform technical security assessments on our web applications, internal services, and partner applications.
- Perform design and code reviews, both manual and with analysis tools.
- Seek opportunities to optimize tools / technology & processes when appropriate
- Scale the security engineering initiatives through direct mentorship of security champions.
- Represent the Auth0 security team by engaging periodically in internal and external speaking engagements
- Identify emerging classes of vulnerabilities and drive closure on remediations and prevention.
- Efficiently perform offensive security testing and work with vendors on third-party penetration test exercises
- Embed security assurance scans as an integral part of the CI/CD pipeline and influence a shift-left approach to security
Our Ideal Candidate will have:
- Strong understanding of Web application security, including exploitation, identification, and remediation of code and design flaws.
- Expertise in secure development practices, testing, and techniques.
- Experience with security tools (SAST, SCA, DAST, fuzzers, etc.).
- Ability to explain complex security issues and their impact to diverse audiences.
- Experience building high trust security software.
- Experience with risk management methodologies, design control, threat modeling, vulnerability ranking and product enhancements
- Design, test and implement scalable security solutions
- Automate security controls to reduce our attack surface, proactively seek out vulnerabilities, and decrease response and recovery times
- Discuss and present technical matters with business people and business matters with cross functional teams.
Also Nice to have:
- Experience with implementing identity and access management and/or process isolation and sandboxing.
Okta is an Equal Opportunity Employer.
Okta is rethinking the traditional work environment, providing our employees with the flexibility to be their most creative and successful versions of themselves, no matter where they are located. We enable a flexible approach to work, meaning for roles where it makes sense, you can work from the office, or from home, regardless of where you live. Okta invests in the best technologies and provides flexible benefits and collaborative work environments/experiences, empowering employees to work productively in a setting that best and uniquely suits their needs. Find your place at Okta https://www.okta.com/company/careers/.
By submitting an application, you agree to the retention of your personal data for consideration for a future position at Okta. More details about Okta’s privacy practices can be found at: https://www.okta.com/privacy-policy.