Senior Product Security Engineer, Reviews

Get to know Okta

Okta is The World’s Identity Company. We free everyone to safely use any technology—anywhere, on any device or app. Our Workforce and Customer Identity Clouds enable secure yet flexible access, authentication, and automation that transforms how people move through the digital world, putting Identity at the heart of business security and growth. 

At Okta, we celebrate a variety of perspectives and experiences. We are not looking for someone who checks every single box - we’re looking for lifelong learners and people who can make us better with their unique experiences. 

Join our team! We’re building a world where Identity belongs to you.

As a Senior Product Security Engineer, you will play a key role in securing Okta’s products by independently conducting security reviews, penetration tests, and threat modeling for new features and existing services. You will proactively identify security risks, influence engineering teams, and propose solutions to improve security posture.

This role requires a strong technical background in web application security, authentication protocols, and vulnerability analysis. You should be comfortable working autonomously on security projects, and collaborating with engineers.

A successful candidate will have an attacker mindset—the ability to think like an adversary when assessing risks, identifying vulnerabilities, and designing mitigations. You will also have opportunities to contribute to security tooling, automation, and external security research.

Job Duties and Responsibilities:

• Own and drive security reviews, including threat modeling, secure code reviews, and penetration testing for new and existing products.
• Independently identify, analyze, and mitigate security vulnerabilities, working closely with engineering teams.
• Propose and implement security improvements, balancing risk, impact, and business objectives.
• Assist in handling security incidents, conducting root cause analysis, and providing remediation guidance.
• Develop security tools and automation to improve vulnerability detection and assessment.
• Contribute to security research and participate in external engagements such as blog posts, white papers, and conference presentations.

Required Knowledge, Skills, and Abilities:

• Strong knowledge of application security principles, including OWASP Top 10 and CWE Top 25 vulnerabilities.
• Experience performing manual secure code reviews across multiple languages (Java, .NET, Go, C, C++, Python, Swift, Kotlin).
• Proficiency in penetration testing techniques and tools like Burp Suite.
• Understanding of authentication and authorization protocols (OIDC, SAML, OAuth).
• Ability to independently drive security initiatives and provide clear remediation strategies.
• Solid coding skills in at least one scripting or programming language (Python, Bash, etc.).
• Strong ability to communicate security risks and solutions to engineering teams and leadership.

 Desired skills and Abilities:

• Experience with mobile application security testing (Android/iOS).
• Familiarity with SAST, DAST, SCA, and fuzzing tools.
• Knowledge of cryptographic principles and secure implementations.
• Understanding of network security, protocol analysis, and threat modeling.
• Experience writing proof-of-concept scripts to demonstrate vulnerability exploitation.

#LI-Remote

#LI-SH1

Below is the annual salary range for candidates located in Canada. Your actual salary will depend on factors such as your skills, qualifications, and experience. In addition, Okta offers equity (where applicable), bonus, and benefits, including health, dental, and vision insurance, RRSP with a match, healthcare spending, telemedicine, and paid leave (including PTO and parental leave) in accordance with our applicable plans and policies. To learn more about our Total Rewards program, please visit: https://rewards.okta.com/can.

The annual base salary range for this position for candidates located in Canada is between:$114,000—$172,000 CAD

What you can look forward to as a Full-Time Okta employee!

• Amazing Benefits
• Making Social Impact
• Fostering Diversity, Equity, Inclusion and Belonging at Okta 

Okta cultivates a dynamic work environment, providing the best tools, technology and benefits to empower our employees to work productively in a setting that best and uniquely suits their needs. Each organization is unique in the degree of flexibility and mobility in which they work so that all employees are enabled to be their most creative and successful versions of themselves, regardless of where they live. Find your place at Okta today! https://www.okta.com/company/careers/.

Okta is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, ancestry, marital status, age, physical or mental disability, or status as a protected veteran. We also consider for employment qualified applicants with arrest and convictions records, consistent with applicable laws. If reasonable accommodation is needed to participate in the job application, interview process, or onboarding please use this Form to request an accommodation.

Okta is committed to complying with applicable data privacy and security laws and regulations. For more information, please see our Privacy Policy at https://www.okta.com/privacy-policy/. 

Apply