Staff Software Engineer - Federal

Okta•Washington, DC

2h•Remote

About The Position

Okta is The World’s Identity Company. We free everyone to safely use any technology, anywhere, on any device or app. Our flexible and neutral products, Okta Platform and Auth0 Platform, provide secure access, authentication, and automation, placing identity at the core of business security and growth. At Okta, we celebrate a variety of perspectives and experiences. We are not looking for someone who checks every single box - we’re looking for lifelong learners and people who can make us better with their unique experiences. Join our team! We’re building a world where Identity belongs to you. The Team We safeguard Okta from threats and vulnerabilities that could disrupt our business or erode our customers’ trust. The Defensive Cyber Engineering organization is responsible for the Security Data Platform, infrastructure, and tooling that enable Okta’s Detection and Response capabilities. The team also manages enterprise security tools and infrastructure that support XDR, DLP, and SSPM capabilities. The Role We are expanding this team to support Okta’s Public Sector roadmap by hiring a Staff Software Engineer in the DC area. You’ll work closely with Security, Business Technology Engineering, and Product teams to implement and manage security solutions, ensuring our core infrastructure applications protect our workforce, endpoints, and corporate data. To deliver on this vision, you will build data and infrastructure platforms by leveraging your software, data, and security engineering skills. You’ll use automation, policy-as-code, and cloud-native technologies to deliver scalable, resilient, and secure solutions.

Requirements

8+ years of strong coding and scripting experience, with a focus on building automation and custom tooling for infrastructure and data pipelines. Experience with Python is required; proficiency in other languages (e.g., Bash, PowerShell, Go) is a plus.
Experience developing and maintaining ETL/ELT pipelines for onboarding security data into Okta’s security data lake.
Experience working with security teams to integrate log sources and ensure seamless data ingestion.
Ability to build and maintain scalable, fault-tolerant data pipelines to process security event data.
Proven track record of automating security controls and workflows using a cloud-first approach.
Experience with Terraform and other infrastructure-as-code tools to orchestrate security infrastructure.
Familiarity with CI/CD pipelines for security automation and drift management.
Strong communication skills, with the ability to collaborate with technical staff, support teams, executive leadership, and external vendors.
This position requires the ability to access federal environments and/or have access to protected federal data. As a condition of employment for this position, the successful candidate must be able to submit documentation establishing U.S. Person status (e.g. a U.S. Citizen, National, Lawful Permanent Resident, Refugee, or Asylee. 22 CFR 120.15) upon hire.

Nice To Haves

2+ years of experience building engineering solutions within highly regulated environments such as FedRAMP High, IL4, IL5, and/or IL6 is a plus.
Current or previous Secret, Top Secret (TS), or Top Secret/Sensitive Compartmented Information (TS/SCI) clearance is a plus.
Advanced identity management technologies (MFA, SAML, OAuth, OIDC, WebAuthn)
Deep understanding of Okta's ecosystem, including advanced configuration and integrations
Experience with continuous compliance solutions (e.g., policy-as-code, automated evidence gathering)

Responsibilities

Serve as a security subject matter expert (SME) for solution engineering and architecture reviews, preferably in the Detection and Response and/or enterprise security tooling space.
Lead technical efforts to evaluate, design, and implement new enterprise security systems and feature enhancements.
Build, maintain, and enhance custom automation and cloud infrastructure using Terraform or similar tools to support team workflows and enforce security controls.
Develop integrations with APIs, cloud platforms (AWS, GCP, Azure), and security infrastructure to improve detection, response, and remediation.
Write and maintain scripts and automations, with an emphasis on Python-based solutions, to streamline security operations.
Establish monitoring and alerting for security posture, misconfigurations, and threats across endpoints, SaaS, and cloud workloads.
Proactively identify and remediate security gaps; stay updated on emerging threats, solutions, and tooling across the industry.