Staff Product Security Engineer | Okta

Okta Inc

Hybrid

Quick summary

Work type: Hybrid
Location: San Francisco, CA
Salary: $180,000–$247,500 / yr
Posted: 8 days ago

Market check

Salary context

Above market

How this pay compares to similar roles

[Chart: salary scale from $138k to $259k with a shaded band where most similar roles pay; similar roles $192k, this role $214k]

This role pays more than 69% of similar roles. Most pay $161,100–$222,000 — the shaded band above. At the midpoint, this role pays about $214k versus about $192k for comparable roles.

Based on 240 similar postings.

Employer

About Okta Inc

Okta, Inc. is an American identity and access management company based in San Francisco. It provides cloud software that helps companies manage and secure user authentication into applications, and that lets developers build identity controls into applications, websites, web services, and devices.

Okta Inc currently has 149 open roles on FindRole.

Listed pay typically runs $194,000–$267,000 across 149 roles with salary data.

At a glance

TL;DR · Staff Product Security Engineer | Okta

As a Staff Product Security Engineer on Okta’s Security team, you will join a forward-thinking group dedicated to identifying and mitigating security risks in agentic AI systems. Day-to-day responsibilities include conducting offensive security research on prompt injection, privilege escalation, and supply-chain attacks, performing assessments of AI platforms, building reusable security tooling, evaluating AI security tools, and mentoring engineers. The ideal candidate has over seven years of experience in application security or AI/ML security, with hands-on experience finding vulnerabilities in LLM-integrated systems. Proficiency in Python and another language like Go, Java, TypeScript, or C/C++ is required, along with strong threat modeling and manual code review skills. Additionally, candidates should be adept at communicating technical findings to both internal teams and external audiences through research publications and conference presentations.

What you'll do

  • Conduct offensive security research on agentic AI systems to identify risks like prompt injection and privilege escalation.
  • Perform security assessments of Okta's AI platforms across design, code, and runtime phases.
  • Build reusable security tooling that enhances the Product Security team’s capabilities.
  • Evaluate AI security tools through benchmarking harnesses designed for assessing vendor solutions.
  • Develop threat models for agentic architectures and LLM-integrated services to guide engineering teams.

What we're looking for

  • 7+ years of experience in information security with depth in application security and offensive research.
  • Hands-on experience assessing LLM-integrated systems and agentic AI architectures, identifying real vulnerabilities.
  • Strong offensive mindset to model adversary behavior and construct risk scenarios for agentic systems.
  • Experience building and using security tooling and automation scripts for other engineers.
  • Proficiency in Python and one additional language (Go, Java, TypeScript, C/C++) for security assessments.
  • Advanced threat modeling, manual code review, and penetration testing skills for complex distributed systems.

More like this

Similar roles

Staff Engineer - Product Security

GEICO

Remote (Seattle, WA) +3 · 9 days ago · $110,000–$230,000
CI/CD GitHub Actions Azure DevOps Python Java Golang SAST DAST SCA container scanning automated threat modeling Cosmos SQL MySQL MongoDB DevOps OWASP Top 10 NIST CSF PCI-DSS

Product Security Engineer, Staff

Qualcomm

San Diego, CA · 3 days ago · $149,600–$224,400
Ghidra IDA Binary_Ninja Linux Android Fuzzing Pen-testing LLVM Hypervisors Containers Secure_code_review Threat_modeling Exploit_mitigation_techniques CDMA GSM UMTS LTE WLAN Bluetooth NFC Zephyr QNX

Staff Product Security Engineer

Reddit

Remote (US) · 8 days ago · $217,000–$303,900
Python Go JavaScript TypeScript CI/CD Kubernetes Docker Prometheus Grafana AWS PostgreSQL Git Swagger OAuth OpenAPI