People Matter

Join the teams that make the Impossible Happen.

Search 
jobs
Explore 
companies
Join talent network
Talent
My job alerts

Staff Product Security Engineer, Reviews

Okta

Okta

Product
Bengaluru, Karnataka, India
Posted on Feb 25, 2026

Get to know Okta

Okta is The World’s Identity Company. We free everyone to safely use any technology, anywhere, on any device or app. Our flexible and neutral products, Okta Platform and Auth0 Platform, provide secure access, authentication, and automation, placing identity at the core of business security and growth.

At Okta, we celebrate a variety of perspectives and experiences. We are not looking for someone who checks every single box - we’re looking for lifelong learners and people who can make us better with their unique experiences.

Join our team! We’re building a world where Identity belongs to you.

As a Staff Product Security Engineer, you will play a critical role in safeguarding Okta’s products by conducting comprehensive security reviews, guiding engineering teams in secure development practices, and handling externally reported vulnerabilities. You will engage in code reviews, penetration testing, and architectural security assessments to ensure the security of Okta’s platforms and features.

This role is not suited for individuals who rely solely on automated vulnerability scanning. Instead, you must possess a deep technical understanding of web applications, backend services, penetration testing methodologies, and secure design principles.

A successful candidate will have expertise in authentication protocols (SAML, OAuth, OIDC), threat modeling, and a strong desire to automate security processes by building tools that proactively identify vulnerabilities. You will also be responsible for communicating risks, impact, and remediation strategies to developers, leadership, and external audiences through documentation, presentations, and external publications.

The ideal candidate will have an attacker mindset—the ability to think critically, creatively, and like an adversary when solving security challenges. We actively support public disclosure of research and findings through white papers, blog posts, and conference presentations.

What You Will Do

  • Conduct security reviews, including design reviews, threat modeling, and penetration testing of new features and major changes.
  • Perform manual secure code reviews across multiple programming languages.
  • Identify and mitigate security vulnerabilities, providing clear guidance to engineering teams.
  • Lead product security incidents, assess risks, and drive remediation efforts.
  • Develop security tools and automation to improve vulnerability detection and assessment.
  • Mentor junior engineers and provide guidance to non-security staff on secure development practices.
  • Represent Okta externally through security research, conference talks, and publications.

What You Bring

  • Expertise in identifying OWASP Top 10 / CWE Top 25 vulnerabilities through manual code review.
  • Strong experience in penetration testing and secure development practices.
  • Proficiency in multiple programming languages (e.g., Java, Go, Python, C/C++).
  • Deep understanding of authentication & authorization protocols (OIDC, SAML, OAuth).
  • Strong communication skills to explain risks and remediation to developers and leadership.
  • Ability to automate security testing using LLMs and scripting (Python, Bash, etc.).
  • Experience leading security incidents and risk assessments.

Desired Skills and Abilities

  • Experience in mobile (iOS/Android) and desktop (Windows/macOS) security testing.
  • Familiarity with SAST, DAST, SCA, and security tooling to improve security operations.
  • Strong cryptographic knowledge and secure implementation practices.
  • Experience in analyzing network protocols and traffic security.
  • Ability to develop proof-of-concept exploits to demonstrate vulnerabilities.

#LI-Onsite

P24843_3369490

What you can look forward to as a Full-Time Okta employee!

Okta cultivates a dynamic work environment, providing the best tools, technology and benefits to empower our employees to work productively in a setting that best and uniquely suits their needs. Each organization is unique in the degree of flexibility and mobility in which they work so that all employees are enabled to be their most creative and successful versions of themselves, regardless of where they live. Find your place at Okta today! https://www.okta.com/company/careers/.

Some roles may require travel to one of our office locations for in-person onboarding.

Okta is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, ancestry, marital status, age, physical or mental disability, or status as a protected veteran. We also consider for employment qualified applicants with arrest and convictions records, consistent with applicable laws.

If reasonable accommodation is needed to complete any part of the job application, interview process, or onboarding please use this Form to request an accommodation.

Notice for New York City Applicants & Employees: Okta may use Automated Employment Decision Tools (AEDT), as defined by New York City Local Law 144, that use artificial intelligence, machine learning, or other automated processes to assist in our recruitment and hiring process. In accordance with NYC Local Law 144, if you are an applicant or employee residing in New York City, please click here to view our full NYC AEDT Notice.

Okta is committed to complying with applicable data privacy and security laws and regulations. For more information, please see our Personnel and Job Candidate Privacy Notice at https://www.okta.com/legal/personnel-policy/.

See more open positions at Okta
Privacy policyCookie policy