Cloud Security Architect

Cloud Security Architects are responsible for building & guiding large cross-company security initiatives while communicating at the highest levels of the organization through data based arguments and actionable best practices. 

This role requires both deep and broad technical knowledge across a range of security disciplines. The ideal candidate will be comfortable as the “go to” technical expert on AWS cloud security while simultaneously exhibiting hands-on experience creating solutions in complex environments, developing working proof of concepts, and leveraging deep technical knowledge to build trust and collaboration across the organization

The breadth of responsibility will range from providing service and network architecture, design reviews of existing implementations, security reviews of AWS environments, automation of security controls, and threat modeling of solutions in partnership with the offensive security team

What You Will Do:

Problem Solving

  • Research and design platform and infrastructure solutions that span and scale across our global AWS, and soon GCP, architecture.
  • Drive innovation and adoption of new technologies that modernize and highly automate our pipelines and cloud capabilities.
  • Develop strategy to implement an architecture that is durable, scalable, performant, agile and highly portable.
  • Work with engineers to analyze systems, threat model new features, and create responsive controls to ensure end-to-end customer protection
  • Develop production infrastructure fixes to complex vulnerabilities
  • Design, develop, and implement security controls and tools that improve the defense of Okta internet services infrastructure and applications
  • Perform proactive or reactive security architecture and configuration assessments across AWS environments and review significant changes to cloud infrastructure
  • Identify opportunities to optimize preventive security efforts in AWS using commercial, open source, and home-grown tools

Communication and Influence

  • Develop, evangelize, and enforce security configuration and architecture standards/design patterns across our AWS environments
  • Guide and collaborate with cross-functional teams to implement new solutions that scale with our business
  • Analyze requirements against threat models, and use a risk-based approach to prioritize solutions implementation
  • Define and communicate an execution roadmap that drives maturity of security capabilities
  • Educate internal teams on industry trends (DevOps, microsegmentation, containers & kubernetes, AWS / GCP new features) 
  • Act as an interface to the Product Management teams for prioritization, planning, and architecture

Our Ideal Cloud Security Architect Will Have:

  • 5+ years hands-on experience architecting and securing AWS environments, AWS services, large scale cloud networking architecture, IAM segmentation / consolidation, and security of data in transit
  • 5+ years experience performing security threat assessments / threat modeling
  • In-depth knowledge of AWS services, Linux, and security at scale
  • Ability to assess engineering designs and architecture diagrams for security issues
  • Ability to assess the risk of a threat within an application of feature
  • Experience defining technical security policies, requirements and designing controls to enforce those policies
  • Strong knowledge of cloud and application architectures and related security principles
  • Experience taking high-level security requirements, identifying required architecture and translating into technical tasks for relevant project teams to execute
  • Experience translating security architecture recommendations into related business risks, and communicating these risks effectively to get buy-in from diverse stakeholders
  • Bachelor's degree in CS or related field, or equivalent experience.

Nice to Have: 

  • 3+ years experience in Application Security or Offensive Security teams
  • Prior experience deploying hashicorp vault in a massively global zero down-time environment
  • Experience securing docker containers and orchestration services ( Kubernetes, EKS, GKS, ECS )
  • Experience performing source code reviews across various languages (e.g. Java, Go)
  • Strong understanding of core technical fundamentals (TCP/IP, DNS, TLS, Encryption)
  • Experience with GCP Cloud Security Architecture in a multi-cloud environment
  • Experience writing IaC deployments in Terraform
  • One or more of the following certifications, or equivalent expertise and experience: AWS Certified Solutions Architect Professional, AWS Security - Specialty, GCP Professional Cloud Security Engineer
  • Experience contributing to the security community such as presenting at conferences or meetups

((Colorado, New York and Washington only*) Minimum OTE of $204000/year + equity + benefits))

Okta is an Equal Opportunity Employer.

Okta is rethinking the traditional work environment, providing our employees with the flexibility to be their most creative and successful versions of themselves, no matter where they are located.  We enable a flexible approach to work, meaning for roles where it makes sense, you can work from the office, or from home, regardless of where you live.  Okta invests in the best technologies and provides flexible benefits and collaborative work environments/experiences, empowering employees to work productively in a setting that best and uniquely suits their needs.  Find your place at Okta 

By submitting an application, you agree to the retention of your personal data for consideration for a future position at Okta.  More details about Okta’s privacy practices can be found at:




Upload Resume/CV (PDF must be less than 8 MB )
Cover Letter
Upload Cover Letter (PDF must be less than 8 MB )
U.S. Equal Opportunity Employment Information (Click here for instructions)

We request this data to promote diversity, inclusion, and belonging and to ensure we maintain fair and equitable hiring practices. Responding to the survey is voluntary.