Job Description, Responsibilities & Requirements
About the Position
Secure Every Identity, from AI to Human
Identity is the key to unlocking the potential of AI. Okta secures AI by building the trusted, neutral infrastructure that enables organizations to safely embrace this new era. This work requires a relentless drive to solve complex challenges with real-world stakes. We are looking for builders and owners who operate with speed and urgency and execute with excellence.
This is an opportunity to do career-defining work. We're all in on this mission. If you are too, let's talk.
Responsibilities
As a Senior AEM DevSecOps Engineer, you will oversee and automate our AEM infrastructure with a primary focus on security, reliability, and automated compliance. You will bridge the gap between development and operations by embedding security directly into the CI/CD pipeline and managing complex identity and content delivery architectures. Your role is pivotal in ensuring that our platform is not only high-performing but resilient against modern threats like DDoS attacks.
- Identity & Access Management: Configure and manage AEM Cloud.
- Edge & CDN Protection: Manage and configure CDN (e.g., Cloudflare, or Adobe-managed CDN) to optimize performance and implement DDoS mitigation strategies.
- Traffic Filtering: Implement and maintain Traffic Filter Rules and Web Application Firewall (WAF) configurations at the CDN level to block malicious spikes and sophisticated application-layer attacks.
- Automated Security Scanning: Integrate security tools (SAST/DAST) and secrets detection into CI/CD pipelines (Jenkins, GitLab) to identify vulnerabilities early in the development cycle.
- Environment Hardening: Install and manage AEM author, publish, and dispatcher instances with a focus on Dispatcher security hardening, SSL certificate automation, and ModSecurity configurations.
- Observability & Incident Response: Monitor system performance and security logs using tools like Splunk to proactively address threats and performance bottlenecks.
- Compliance Auditing: Regularly audit the platform and its integrations (Adobe Analytics, Target) to ensure alignment with corporate security policies and industry standards.
Requirements
- Experience: 5+ years in administering and securing AEM environments.
- Architectural Knowledge: Strong understanding of Headless CMS security best practices, including API key management and JWT authentication.
- Network Security: Expertise in managing CDNs and implementing DDoS mitigation and WAF rules.
- Technical Stack: Proficiency in Apache Sling, JCR, OSGi, and web servers like Nginx or Apache.
- Automation: Hands-on experience with scripting (Python) and CI/CD tools (Jenkins, CircleCI) to automate security and deployment workflows.
- Cloud Experience: Experience with cloud-based AEM implementations, such as AEM as a Cloud Service (AEMaaCS) or AWS/Azure.
- Diagnostic Skills: Proficiency in analyzing log files, thread dumps, and heap dumps to resolve security incidents or performance outages.
Nice to Have
- Oversee the security of AEM Headless deployments, including protecting GraphQL endpoints, managing CORS policies, and ensuring secure communication for decoupled front-end frameworks (React/Angular).
- Proven experience integrating Vercel Cloud with AEM cloud.
- Knowledge of NextJS, React code.
We Offer
- Amazing Benefits
- Making Social Impact
- Fostering Diversity, Equity, Inclusion and Belonging at Okta
Okta cultivates a dynamic work environment, providing the best tools, technology, and benefits to empower our employees to work productively in a setting that best and uniquely suits their needs. Each organization is unique in the degree of flexibility and mobility in which they work so that all employees are enabled to be their most creative and successful versions of themselves, regardless of where they live. Find your place at Okta today! Okta Careers.
About the Company
Okta is the leading independent provider of identity for the enterprise. The Okta Identity Cloud enables organizations to securely connect the right people to the right technologies at the right time. With over 7,000 pre-built integrations to applications and infrastructure providers, Okta customers can easily and securely use the best technologies for their business. More than 19,300 organizations, including JetBlue, Nordstrom, Slack, T-Mobile, Takeda, Teach for America, and Twilio, trust Okta to help protect the identities of their workforces and customers.
Follow Okta: Okta