Secure Every Identity, from AI to Human

Identity is the key to unlocking the potential of AI. Okta secures AI by building the trusted, neutral infrastructure that enables organizations to safely embrace this new era. This work requires a relentless drive to solve complex challenges with real-world stakes. We are looking for builders and owners who operate with speed and urgency and execute with excellence.

This is an opportunity to do career-defining work. We're all in on this mission. If you are too, let's talk.

Senior Security Infrastructure Engineer, Red Team

Within the Product Security team, our Red Team delivers robust security assurance for Okta's products, services, and infrastructure. You will be the team's dedicated infrastructure and tooling engineer, the first person in this role for a small team of operators. You will work alongside operators but not report through an operator chain; you'll collaborate as a peer focused on a different discipline.

We seek a Staff Security Infrastructure Engineer to own the engineering backbone that enables our operations. This is not a traditional operator role but a dedicated infrastructure, tooling, and automation engineering position embedded within the Red Team. You will design, build, maintain, and continuously improve the platforms, infrastructure, and custom tooling that our operators depend on to execute engagements.

Your work directly enables the team to operate at a higher maturity level: faster infrastructure deployment, more resilient and OPSEC-aware architecture, automated workflows, and reliable custom tooling, freeing operators to focus on the mission. Your role will also extend to cultivating stakeholder collaboration and elevating our company’s security posture through strategic engagement and proactive measures. As the team matures, this role can evolve toward platform leadership, custom capability development, or a hybrid operator/engineer path.

What You Will Do

Infrastructure Engineering & Automation:

• Own the full lifecycle of red team infrastructure: design, provisioning, configuration, maintenance, and teardown
• Build and maintain Infrastructure-as-Code (IaC) using Terraform (or equivalent) to automate deployment of C2 servers, redirectors, phishing infrastructure, payload-delivery systems, and supporting services.
• Resource and asset lifecycle management through tracking domains, certificates, cloud accounts, recurring expenses, and infrastructure resources; managing acquisition, rotation, and retirement.

Tooling Development & Maintenance:

• Develop, maintain, and improve custom tools, scripts, and automation to support red team operations (e.g., payload generation pipelines, log aggregation, C2 profile management, infrastructure health checks), providing on-demand infrastructure/tooling support when issues or gaps arise.
• Collaborate closely with operators during engagement planning to understand infrastructure requirements, OPSEC constraints, and operational timelines.
• Building and maintaining a representative test environment for pre-operation validation of tools and tradecraft against a security stack similar to the target.
• Maintaining the team's source code repository with merge/pull request processes, documentation, and code quality standards.
• Ensuring engagement evidence, infrastructure logs, and operational data are centrally collected and accessible for reporting and after-action reviews.
• Contribute to and maintain metrics that demonstrate infrastructure maturity, operational efficiency, and readiness (e.g., deployment time, rebuild time, infrastructure availability during engagements).

Security & OPSEC:

• Design infrastructure with OPSEC as a first-class requirement: network segmentation, traffic separation between operations, credential management, and access controls
• Implement and manage secure access to red team infrastructure
• Create and update operational runbooks, infrastructure documentation, and SOPs for the team.
• Maintain clear records of infrastructure ownership and attribution to support deconfliction processes.

What You Bring

Required

• 5+ years of professional experience in infrastructure engineering, DevOps, platform engineering, or a similar role with significant automation responsibilities
• Strong familiarity with Terraform (or equivalent IaC tooling) for multi-cloud infrastructure provisioning and management
• Experience operating in cloud-native, SaaS, or identity-focused environments
• Strong proficiency with configuration management tools (Ansible, or equivalent)
• Proficiency in at least one systems programming or scripting language (Python, Go, Bash) with disciplined development practices (version control, code review, testing, documentation)
• Solid understanding of Linux systems administration, networking fundamentals (DNS, HTTP/S, TCP/IP, proxying, TLS), and cloud platforms (AWS, GCP, or Azure)
• Understanding of OPSEC principles as they apply to offensive infrastructure — you know why redirector chains, domain categorization, traffic separation, and certificate management matter.

Strongly Preferred

• Experience building and maintaining CI/CD pipelines (GitHub Actions, GitLab CI, Jenkins, or similar)
• Familiarity with containerization and orchestration (Docker, Kubernetes) as applicable to tooling and lab environments
• Familiarity with C2 frameworks (Cobalt Strike, Mythic, Sliver, or similar) from an infrastructure and deployment perspective — you don't need to operate them, but you need to understand what operators need from the infrastructure
• Familiarity with detection evasion concepts as they relate to infrastructure (e.g., traffic shaping, hosting provider reputation, certificate transparency)

Nice to Have:

• Working knowledge of Blue Team operations and related technologies
• Experience with security tool development (implant development, payload engineering, evasion tooling) — this role can grow in that direction
• Familiarity with Red Team maturity models and how infrastructure/tooling capabilities map to organizational maturity

Note: This is not an operator role. You will not be the person running hands-on-keyboard engagements as your primary function. While you may participate in operations to understand requirements or provide support, your core mission is ensuring the team's infrastructure, workflows, tooling, and automation are reliable, repeatable, and mature. You are the engineering foundation the operators build on.

(P22302_3403905)

Below is the annual salary range for candidates located in Canada. Your actual salary will depend on factors such as your skills, qualifications, and experience. In addition, Okta offers equity (where applicable), bonus, and benefits, including health, dental, and vision insurance, RRSP with a match, healthcare spending, telemedicine, and paid leave (including PTO and parental leave) in accordance with our applicable plans and policies. To learn more about our Total Rewards program, please visit: https://rewards.okta.com/can.

The annual base salary range for this position for candidates located in Canada is between:

$114,000—$157,300 USD

The Okta Experience:

• Supporting Your Well-Being
• Driving Social Impact
• Developing Talent and Fostering Connection + Community

We are intentional about connection. Our global community, spanning over 20 offices worldwide, is united by a drive to innovate. Your journey begins with an immersive, in-person onboarding experience designed to accelerate your impact and connect you to our mission and team from day one.

Okta is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, ancestry, marital status, age, physical or mental disability, or status as a protected veteran. We also consider for employment qualified applicants with arrest and convictions records, consistent with applicable laws.

If reasonable accommodation is needed to complete any part of the job application, interview process, or onboarding please use this Form to request an accommodation.

Notice for New York City Applicants & Employees: Okta may use Automated Employment Decision Tools (AEDT), as defined by New York City Local Law 144, that use artificial intelligence, machine learning, or other automated processes to assist in our recruitment and hiring process. In accordance with NYC Local Law 144, if you are an applicant or employee residing in New York City, please click here to view our full NYC AEDT Notice.

Okta is committed to complying with applicable data privacy and security laws and regulations. For more information, please see our Personnel and Job Candidate Privacy Notice at https://www.okta.com/legal/personnel-policy/.