Senior Product Security Engineer, Reviews
Full time
at Okta, Inc.
in
Ireland
Posted on April 10, 2024
Job details
Senior Product Security Engineer, Reviews
Ireland Get to know Okta Okta is The World’s Identity Company. We free everyone to safely use any technology—anywhere, on any device or app. Our Workforce and Customer Identity Clouds enable secure yet flexible access, authentication, and automation that transforms how people move through the digital world, putting Identity at the heart of business security and growth. At Okta, we celebrate a variety of perspectives and experiences. We are not looking for someone who checks every single box - we’re looking for lifelong learners and people who can make us better with their unique experiences. Join our team! We’re building a world where Identity belongs to you. Senior ProductSecurity Engineers are responsible for conducting security reviews on all of Okta’s products, providing security education to our engineers, and handling externally reported vulnerabilities. This ranges from code reviews, penetration tests, and architectural reviews on new features and existing code, in order to provide security education and guidance to the entire organization. This position is not for someone who operates solely on scanner-based vulnerabilities. You will be required to demonstrate a strong technical understanding of web applications, backend services, penetration testing techniques and methodologies. You should have a clear understanding of Okta's authentication protocols, such as SAML and OAuth. Furthermore, you should have the desire to automate tasks by building tools to help discover vulnerabilities and be comfortable explaining and communicating vulnerabilities to developers, management and leadership by creating thorough documentation of findings. The most important quality we are looking for is someone who has an “evil bit” - an innate ability to think and operate like an attacker while solving complex problems with expertise and creativity. At Okta we fully support externally publishing exciting new findings and will help you do it in the form of white papers, blog posts, and live presentations at conferences of your choice. Job Duties and Responsibilities:- Work closely with Engineering teams on Design Reviews for new features or major changes
- Audit code for security flaws and best practices
- Perform Penetration Tests on new features and on the platform as a whole
- Develop, implement, and communicate vulnerability mitigation strategies to development teams
- Work solo and collaboratively to deliver projects on a deadline
- Think like an attacker and solve complex problems with expertise and ingenuity
- Give security presentations and represent Okta in private or public venues
- Ability to identify common (OWASP Top 10/CWE Top 25) web application vulnerabilities through secure code review (ex: Java, .Net, Go, C, C++, C#, Swift, Kotlin, Python)
- Ability to conduct a manual Web Application Penetration Test using industry standard tools (ex: Burp Suite)
- Knowledge of modern web application components, architecture, and design principles
- Ability to explain vulnerability risks and remediation options to developers
- Beginner level coding ability in at least one scripting language (ex: Python, Bash)
- Knowledge in current authentication and authorization protocols (OIDC, SAML)
- Experience in mobile device (Android and/or iOS) application penetration testing
- Experience with SAST, DAST, SCA, and fuzzing tools
- Knowledge in current cryptographic algorithms and techniques
- Experience in attacking network protocols and analyzing network traffic
- Experience writing proof of concept scripts to demonstrate vulnerability exploitation
- Alcohol or other substance use disorder (not currently using drugs illegally)
- Autoimmune disorder, for example, lupus, fibromyalgia, rheumatoid arthritis, HIV/AIDS
- Blind or low vision
- Cancer (past or present)
- Cardiovascular or heart disease
- Celiac disease
- Cerebral palsy
- Deaf or serious difficulty hearing
- Diabetes
- Disfigurement, for example, disfigurement caused by burns, wounds, accidents, or congenital disorders
- Epilepsy or other seizure disorder
- Gastrointestinal disorders, for example, Crohn's Disease, irritable bowel syndrome
- Intellectual or developmental disability
- Mental health conditions, for example, depression, bipolar disorder, anxiety disorder, schizophrenia, PTSD
- Missing limbs or partially missing limbs
- Mobility impairment, benefiting from the use of a wheelchair, scooter, walker, leg brace(s) and/or other supports
- Nervous system condition, for example, migraine headaches, Parkinson’s disease, multiple sclerosis (MS)
- Neurodivergence, for example, attention-deficit/hyperactivity disorder (ADHD), autism spectrum disorder, dyslexia, dyspraxia, other learning disabilities
- Partial or complete paralysis (any cause)
- Pulmonary or respiratory conditions, for example, tuberculosis, asthma, emphysema
- Short stature (dwarfism)
- Traumatic brain injury
Follow Okta
First Name Last Name Email Phone Resume Upload PDF Paste Resume/CV Upload Resume/CV (PDF must be less than 8 MB ) Resume/CV Upload PDF Paste Upload Cover Letter (PDF must be less than 8 MB ) #J-18808-LjbffrApply safely
To stay safe in your job search, information on common scams and to get free expert advice, we recommend that you visit SAFERjobs, a non-profit, joint industry and law enforcement organization working to combat job scams.