Adversarial Engineer

Okta’s Defensive Cyber Operations (DCO) organization is seeking an offensive security minded individual to join the Adversarial Engineering team and contribute to the continued buildout of the program. As part of the DCO team, Adversarial Engineering is tasked to improve Okta and our customer’s security posture by emulating attacker techniques to identify areas of improvement for detection and response. This extends beyond traditional “purple teaming” of end-points or networks to also look at Okta as a product and SaaS applications used internally.

An ideal candidate will have experience in the offensive or defensive cybersecurity domains but both are not required. They would also have the ability to develop and extend tools used to emulate threats. Red team or detection engineering experience in AWS, macOS and containerized environments is desirable.

What this position is not.

  • This is not a “red team”, full scope operational role. Live engagements are coordinated with the defensive teams up front with full knowledge. Many initiatives are run in controlled lab environments.
  • This is not a penetration testing role. While vulnerabilities may be found, the purpose is not the identification and exploitation of vulnerabilities. Value is provided in the analysis of how an attacker may leverage systems.
  • This is not a SOC or detection engineering role. The hired individual may provide support during incidents or develop detection logic, but works separately from the daily workflows of the Detection and Response Engineering team.
Job Duties and Responsibilities:
  • Research adversary methodology with an end-goal of replication.
  • Develop automated testing using breach and assessment tools to validate Okta’s defensive capabilities.
  • Scope and execute emulatations of adversary capabilities in environments that include: Windows, macOS, Linux, AWS, and containerization such as Docker and ECS.
  • Scope and execute emulations against Okta’s products and the abuse of business applications including SaaS-based.
  • Provide analysis of emulated activity in instrumented environments to identify gaps and provide guidance on detection or response improvements.
What does it take?

You’re a team player with a thirst for knowledge. You’re curious about how attackers operate, knowing that to properly defend a system you must first understand the technical threats. You enjoy automating tasks and if you can’t find a tool for the job you create one. You have the habit of identifying areas of operational friction and then come up with ways to remove them.

You have a solid grasp of Python paired with some experience writing code in other languages. Your past experience has given you a conceptual knowledge of Cloud & Container architectures and operating in enterprise environments that heavily use them.

You’ve previously worked in a red team or “purple team” capacity and can explain how major attacker techniques work, along with methods to detect and investigate them. You don’t stop after identifying a problem--you partner with other teams to solve it. You desire to work with a fully remote team and can remain productive and on task outside of a physical office.

 If you don’t have a degree, you have equivalent experience that’s given you the foundational knowledge to understand complex computing environments.



Okta is an Equal Opportunity Employer.

Okta is rethinking the traditional work environment, providing our employees with the flexibility to be their most creative and successful versions of themselves, no matter where they are located.  We enable a flexible approach to work, meaning for roles where it makes sense, you can work from the office, or from home, regardless of where you live.  Okta invests in the best technologies and provides flexible benefits and collaborative work environments/experiences, empowering employees to work productively in a setting that best and uniquely suits their needs.  Find your place at Okta 

By submitting an application, you agree to the retention of your personal data for consideration for a future position at Okta.  More details about Okta’s privacy practices can be found at:


Upload Resume/CV (PDF must be less than 8 MB )
Cover Letter
Upload Cover Letter (PDF must be less than 8 MB )
U.S. Equal Opportunity Employment Information (Click here for instructions)

We request this data to promote diversity, inclusion, and belonging and to ensure we maintain fair and equitable hiring practices. Responding to the survey is voluntary.