Staff Product Security Engineer, Red Team

 Published 12 days ago
    
 Canada
Apply Now Please mention DailyRemote when applying

Disclaimer: Before you apply, please make sure the job is legit.

Attempting to apply for jobs might take you off this site to a different website not owned by us. Any consequence as a result for attempting to apply for jobs is strictly at your own risk and we assume no liability.

Staff Product Security Engineer, Red Team

Within the Product Security team, our Red Team delivers robust security assurance for Okta's products, services, and infrastructure. 

We seek a staff-level member to join our Red Team. Your role will include ideating, planning, leading, and executing red team engagements against Okta’s assets. Your role will also extend to cultivating stakeholder collaboration and elevating our company’s security posture through strategic engagement and proactive measures.

What You Will Do

  • Execute comprehensive red team engagements against Okta’s products, services, and infrastructure following industry best practices.
  • Collaborate closely with Engineering, Product, and Business Technologies teams to comprehend their security needs and pinpoint opportunities for collaboration. 
  • Collaborate with Product Management to drive security features and enhancements.
  • Deliver security presentations, representing Okta with authority in private and public forums.

What You Bring

  • Extensive professional background in Offensive Security tools, techniques, and procedures
  • Advanced expertise in modern web application components, architecture, and design principles
  • First-hand operator experience creating and conducting Red Team exercises
  • Working knowledge of Blue Team operations and related technologies
  • Strong familiarity with operating within cloud and non-Windows environments
  • Knowledge of current cryptographic algorithms and techniques
  • Experience in attacking network protocols and analyzing network traffic
  • Experience writing proof-of-concept scripts to demonstrate vulnerability exploitation
  • Advanced expertise in modern business technologies, architectures, and practices
  • Working knowledge of compliance frameworks (SOC2, PCI, FedRamp, et al.)
  • Exceptional ability to communicate, influence, and articulate vulnerability risks and present remediation options clearly to stakeholders
  • Experience working with cross-functional teams, possessing exceptional stakeholder management skills

 

#LI-REMOTE

Ace Your Job Interview

Read our advice on how to answer the most common interview questions.