Staff Product Security Engineer

Hybrid$161,000 – $247,000
United States

Job Description, Responsibilities & Requirements

About the Position

Secure Every Identity, from AI to Human

Identity is the key to unlocking the potential of AI. Okta secures AI by building the trusted, neutral infrastructure that enables organizations to safely embrace this new era. This work requires a relentless drive to solve complex challenges with real-world stakes. We are looking for builders and owners who operate with speed and urgency and execute with excellence.

This is an opportunity to do career-defining work. We're all in on this mission. If you are too, let's talk.

Responsibilities

  • Conduct offensive security research focused on agentic AI systems: prompt injection, agent privilege escalation, tool-binding abuse, and agentic supply chain attacks against internal developer platforms.
  • Perform security assessments of Okta's AI platforms-including agentic systems and LLM-integrated products-across design, code, and runtime.
  • Build reusable security tooling that multiplies the entire Product Security team's capability.
  • Run the AI security vendor and tooling evaluation program: design and operate a benchmarking harness against AI security tools.
  • Perform manual code review of AI and agent-based system implementations across multiple languages.
  • Develop threat models for agentic architectures, orchestration layers, and LLM-integrated services.
  • Translate research findings into actionable guidance for engineering teams building AI-powered features and platforms.
  • Represent Okta externally through security research, conference presentations, white papers, and publications.
  • Mentor engineers across Product Security on AI/agentic security concepts, tooling, and assessment methodology.

Requirements

  • 7+ years of experience in information security, with meaningful depth in application security, offensive research, or AI/ML security.
  • Demonstrated hands-on experience assessing LLM-integrated systems and agentic AI architectures-not just familiarity with the concepts, but evidence of having found real vulnerabilities in them.
  • Strong offensive mindset: the ability to model what an adversary does with an agentic system, identify where the model's reasoning or the orchestration layer breaks down, and construct scenarios that make the risk concrete.
  • Experience building security tooling and automation-scripts, scanners, detection logic, or evaluation harnesses-that other engineers actually use.
  • Proficiency in at least two programming languages (Python and one of: Go, Java, TypeScript, C/C++).
  • Advanced experience in threat modeling, manual code review, and penetration testing, applied to complex distributed systems.
  • Knowledge of authentication and authorization protocols (OIDC, OAuth 2.0, SAML) and their implementation risks.
  • Strong communication skills: the ability to write clearly for technical and non-technical audiences, document research findings with precision, and present at external venues.
  • Experience producing external security research-publications, conference talks, blog posts, or open-source tooling.

Desired Skills and Abilities

  • Familiarity with agentic framework internals (tool-use protocols, MCP, function-calling patterns, agent orchestration architectures).
  • Experience with SAST, DAST, SCA, and fuzzing tooling applied to AI/ML pipelines or CI/CD systems.
  • Strong cryptographic knowledge and experience in identifying cryptographic implementation flaws.
  • Ability to develop proof-of-concept exploits that demonstrate AI/agentic vulnerabilities to engineering and product leadership.
  • Experience contributing to security standards, SDL processes, or vulnerability research programs.

We Offer

  • Competitive salary range: $161,000-$247,000 USD (depending on location)
  • Equity (where applicable)
  • Bonus
  • Comprehensive benefits, including health, dental, and vision insurance
  • 401(k)
  • Flexible spending account
  • Paid leave (including PTO and parental leave)

About the Company

Okta is The World's Identity Company. We free everyone to safely use any technology-anywhere, on any device or app. Our Workforce and Customer Identity Clouds enable secure yet flexible access, authentication, and automation that transform how people move through the digital world, putting Identity at the heart of business security and growth.

At Okta, we celebrate a variety of perspectives and experiences. We are not looking for someone who checks every box-we're looking for lifelong learners and people who can improve us with their unique experiences.

Join our team! We're building a world where Identity belongs to you.

Locations: Chicago, Illinois; New York, New York; San Francisco, California; Seattle, Washington; Washington, DC

Work Location Type: Hybrid

Employment Type: FULL_TIME

U.S. Equal Opportunity Employment Information

Okta is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, ancestry, marital status, age, physical or mental disability, or status as a protected veteran. We also consider for employment qualified applicants with arrest and convictions records, consistent with applicable laws.

If reasonable accommodation is needed to complete any part of the job application, interview process, or onboarding please use this Form to request an accommodation.

Pay Transparency

Okta complies with all applicable federal, state, and local pay transparency rules. For additional information about the federal requirements, click here.

Voluntary Self-Identification of Disability

Okta complies with the U.S. Department of Labor's Office of Federal Contract Compliance Programs (OFCCP) requirements for voluntary self-identification of disability. For more information, visit the OFCCP website.

Job Details

Company name:
Okta
Salary:
$161,000 – $247,000
Location:
United States
Employment Type:
Full-time
Work Mode:
Hybrid
Posted on TheJob:
Jun 28, 2026
Last checked:
Jun 28, 2026
Posted on the source:
Jun 4, 2026
Apply Now
© 2026 TheJob, Inc. All rights reserved.