Cyber Threat Researcher

The Role

The Defensive Cyber Operations (DCO) team is seeking a cyber threat researcher to contribute to the enhancement of our threat intelligence capabilities. You will be a key member of our Cyber Threat Research (CTR) team. Put simply, CTR identifies, prioritizes and researches the bad guys that seek to target Okta, our products and our customers. By better understanding their motives, tactics, techniques and procedures, we can assist Okta's security teams in defending against them. 

The CTR team is currently expanding our threat intelligence program with a dedicated team to focus on researching threats targeting our most important assets - our customers.

Responsibilities

  • Identify novel and emerging tactics and techniques used by threat actors targeting customers on the Okta platform
  • Develop productive relationships with our customers’ security teams and partners to facilitate threat intelligence sharing and collaboration
  • Curate indicators received from internal and external sources to enable actionable consumption by DCO
  • Develop behavioral detection ideas
  • Provide tactical cyber intelligence support to the incident commander as required during security incidents or events of interest
  • Develop and maintain an understanding of the cyber threat landscape, as it is relevant to Okta and our customers
  • Use our Priority Intelligence Requirements to identify and distribute intelligence of interest to CTR’s stakeholders including our security, product and engineerings teams
What does it take?

You’re a team player. You have great communications skills and a thirst for knowledge. You’re curious about systems and how they interact, knowing that to properly defend a system you must first understand how it works. You’re passionate about hunting for threat actors and love to dive deep into the data to look for evidence of malicious activity.

If you don’t have a degree, you have equivalent experience that’s given you the foundational knowledge to understand complex computing environments.

Required Skills and Experience

  • Experience in cyber security operations, in threat intelligence, incident response or comparable roles
  • Strong understanding of network security fundamentals and their application to threat actor tracking. You should be very familiar with TCP/IP, TLS and DNS.
  • Experience in performing research into the tactics, techniques and procedures of sophisticated adversaries and hunting for evidence of them within an enterprise environment
  • Familiarity and understanding of how threat actors abuse or attack large web and cloud platforms
  • Knowledge of scripting languages (e.g Python) and their applications for security analysis
  • Ability to work independently and achieve outcomes with limited direct supervision 
  • Excellent communication and writing skills (work samples welcomed)

Desirable Experience

We love to identify individuals who can supplement and enhance the existing skills within our team. Don’t be put off by the length of this list - we’re not looking for unicorns, but we would highly value applicants who happen to have experience in any one - or combination - of the following areas:

  • Experience with using Threat Intelligence Platforms
  • Knowledge of REST APIs and experience building tools to interact with them
  • Experience in writing and presenting on formal intelligence reports
  • Experience leveraging tools such as VirusTotal, pDNS, Certificate Transparency logs, Shodan, Censys, Urlscan and other data sets to form comprehensive threat assessments 
  • Experience querying big data platforms such as Snowflake, Splunk or other SIEM systems.

Okta is an Equal Opportunity Employer.

Okta is rethinking the traditional work environment, providing our employees with the flexibility to be their most creative and successful versions of themselves, no matter where they are located.  We enable a flexible approach to work, meaning for roles where it makes sense, you can work from the office, or from home, regardless of where you live.  Okta invests in the best technologies and provides flexible benefits and collaborative work environments/experiences, empowering employees to work productively in a setting that best and uniquely suits their needs.  Find your place at Okta https://www.okta.com/company/careers/. 

By submitting an application, you agree to the retention of your personal data for consideration for a future position at Okta.  More details about Okta’s privacy practices can be found at: https://www.okta.com/privacy-policy.

 

#LI-Remote

#LI-DA1

Apply

Resume
Upload Resume/CV (PDF must be less than 8 MB )
Cover Letter
Upload Cover Letter (PDF must be less than 8 MB )
U.S. Equal Opportunity Employment Information (Click here for instructions)

We request this data to promote diversity, inclusion, and belonging and to ensure we maintain fair and equitable hiring practices. Responding to the survey is voluntary.