Okta
Senior Software Engineer, Security Engineering
Full details on LinkedIn
The complete job description, requirements, and application details are available on the original posting.
About Okta
Okta, Inc. is a technology company based in San Francisco, founded in 2009 by Todd McKinnon and Frederic Kerrest. The company specializes in cloud-based identity and access management (IAM) solutions, including Identity-as-a-Service (IDaaS). Okta's Identity Cloud enables secure connections between users and technology, allowing organizations to manage user authentication for employees, customers, and partners across various applications and devices. Key offerings include Single Sign-On (SSO), which simplifies access to multiple cloud applications with one set of credentials, and Identity Governance and Privileged Access Management (PAM) for secure access controls. Okta has experienced significant growth, serving over 19,100 customers and reporting $2.263 billion in revenue for FY2024. The company is recognized for its influence in identity management and is committed to security and community initiatives through programs like Okta for Good.
Security at Okta
Compiled from public job postings, careers pages, and company materials. Data may not reflect current state — verify during interviews.
Security Philosophy
- Okta's stated mission is to ensure security is prioritized from the outset through its Secure Development Lifecycle.
- The company embeds members of its Security Education team throughout the engineering organization, emphasizing security as a core corporate value.
- Okta maps its risk philosophy to the NIST Cybersecurity Framework (CSF) 2.0 and aims to drive down exposure to server security misconfigurations.
Security Team
Okta's Product Security Incident Response Team (PSIRT) focuses on identifying, assessing, and managing risks. Okta also has a Security Champion Network led by its Security Education team. David Bradbury is the Chief Security Officer. The exact team size and reporting chain are not publicly available. Multiple active job postings for Product/Security Engineering roles mention common skills such as Software Composition Analysis (SCA), Static Application Security Testing (SAST), and Dynamic Application Security Testing (DAST), development expertise in languages like Go and/or Python, and experience with GitHub and CI/CD systems (GitHub Actions, Jenkins).
Key Initiatives
- Okta runs a Security Champions program led by its Security Education team.
- Okta practices 'shift-left' by planning and building with a security-centric lens from the outset.
- Vulnerabilities are managed through intake from various sources, including security researchers, bug bounty programs, employees, partners, and customers.
- Okta's Bug Bounty Program has rewarded over 400 issues.
- The Product Security Incident Response Team (PSIRT) is activated for issues with immediate customer impact.
- Secure SDLC artifacts include Software Bill of Materials (SBOM) and routine penetration testing.
- Recent initiatives (within the last 6 months) include establishing regional security culture groups and mapping to the NIST CSF 2.0.