Senior Detection and Response Engineer

We safeguard Okta from threats and vulnerabilities that have the potential to disrupt our business or degrade our customers’ trust in us.

In addition to driving security in our enterprise environment and Okta service, the Security team is deeply entrenched in the Okta business. The team contributes to product roadmaps, promoting trust, research and other strategic aspects of Okta’s operations. We work across multiple functions, business partners and the research community. We are an engineering-focused team that seeks to stay on the cutting edge of security technology and the threat landscape.

The Role

Okta is seeking an experienced Senior Engineer, Detection and Response to take on a key role as a senior technical expert within Okta’s Cyber Defense team. You will work closely with engineers and cross-functional teams to  improve security operations, develop threat detection mechanisms, and drive incident response automation. You will serve as a technical leader, providing hands-on expertise and mentoring for other engineers within the team.

Core Responsibilities 

Detection Engineering

• Develop and refine security detections across Okta’s infrastructure and applications ensuring optimal coverage across the organization.
• Create high-fidelity alerts that balance security visibility with operational efficiency.
• Work with detection & response engineers to tune detections, reduce false positives, and enhance response workflows.

Incident Response & Forensics

• Investigate and respond to security incidents, working to quickly contain and remediate threats.
• Take part in the DCO watch roster triaging alerts escalated via automated processes, internal reports, and third-party notifications.
• Perform forensic analysis of security events, logs, and endpoints to determine root causes.
• Develop and improve response playbooks and automation to streamline incident handling.

Security Automation & Engineering

• Build automation to improve detection and response workflows, reducing manual effort.
• Integrate security tools and APIs for enhanced threat detection and data correlation.
• Develop custom scripts and tooling to improve team efficiency and incident response capabilities.

Collaboration & Knowledge Sharing

• Work closely with security engineers, threat intelligence teams, and platform engineering teams to ensure a holistic security approach.
• Mentor and coach other engineers, providing technical guidance and support.
• Stay up to date with the latest attack techniques and security trends to continuously improve Okta’s defenses.

What does it take?

You’re a team player. You have great communications skills and a thirst for knowledge. You’re curious about systems and how they interact, knowing that to properly defend a system you must first understand how it works. You enjoy automating tasks and if you can’t find a tool for the job you create one. You’re calm under pressure and have a good internal compass for taking calculated risks.

If you don’t have a degree, you have equivalent experience that’s given you the foundational knowledge to understand complex computing environments.

You’re a leader. People want to work with you. You know what it takes to build a world-class defensive cyber capability and you’re passionate about helping make ours stronger. 

We love to identify individuals who can supplement and enhance the existing skills within our team. Don’t be put off by the length of this list - we’re not looking for unicorns, but we would highly value applicants who have experience in any one - or combination - of the following areas:

• Leading, or contributing to, technology focused teams large or small.
• Mentoring staff and providing development opportunities to build high performing teams.
• Operating as, or providing support to, the incident commander or technical lead during cyber security incidents.
• Developing advanced detection capabilities, working with detection-as-code, and automating the triage and response of alerts they generate.

Ideally you also have experience in several of the following areas:

• Researching the tactics, techniques and procedures of sophisticated adversaries and hunting for evidence of them within an enterprise environment.
• Developing detection and response validation techniques and automating tests to enable continuous assurance of defensive cyber capabilities.
• Analysing critical systems to understand both how to break them and defend them against attack.
• Working collaboratively within product and/or enterprise project teams, assisting to deliver large and complex technology solutions.

#LI-Hybrid