Get to know Okta:

Okta is The World’s Identity Company. We free everyone to safely use any technology, anywhere, on any device or app. Our flexible and neutral products, Okta Platform and Auth0 Platform, provide secure access, authentication, and automation, placing identity at the core of business security and growth.

At Okta, we celebrate a variety of perspectives and experiences. We are not looking for someone who checks every single box - we’re looking for lifelong learners and people who can make us better with their unique experiences.

Join our team! We’re building a world where Identity belongs to you.

As an AEM Dev Sec Ops Engineer, you will oversee and automate our AEM infrastructure with a primary focus on security, reliability, and automated compliance. You will bridge the gap between development and operations by embedding security directly into the CI/CD pipeline and managing complex identity and content delivery architectures, including headless AEM and Auth0 integrations. Your role is pivotal in ensuring that our platform is not only high-performing but resilient against modern threats like DDoS attacks.

Key Responsibilities

• Identity & Access Management: Configure and manage Auth0 integrations for AEM, including token validation, OIDC/SAML configurations, and custom login modules to ensure secure user authentication.

• Headless Security: Oversee the security of AEM Headless deployments, including protecting GraphQL endpoints, managing CORS policies, and ensuring secure communication for decoupled front-end frameworks (React/Angular).

• Edge & CDN Protection: Manage and configure CDN(e.g., Cloudflare, Akamai, or Adobe-managed CDN) to optimize performance and implement DDoS mitigation strategies.

• Traffic Filtering: Implement and maintain Traffic Filter Rules and Web Application Firewall (WAF) configurations at the CDN level to block malicious spikes and sophisticated application-layer attacks.

• Automated Security Scanning: Integrate security tools (SAST/DAST) and secrets detection into CI/CD pipelines (Jenkins, GitLab) to identify vulnerabilities early in the development cycle.

• Environment Hardening: Install and manage AEM author, publish, and dispatcher instances with a focus on Dispatcher security hardening, SSL certificate automation, and Mod Security configurations.

• Observability & Incident Response: Monitor system performance and security logs using tools like Splunk or New Relic to proactively address threats and performance bottlenecks.

• Compliance Auditing: Regularly audit the platform and its integrations (Adobe Analytics, Target) to ensure alignment with corporate security policies and industry standards.

Required Skills & Experience

• **Experience:**5+ years in administering and securing AEM environments.

• Identity Services: Proven experience integrating Auth0 or similar Identity Providers (IdP) for enterprise-scale authentication.

• Architectural Knowledge: Strong understanding of Headless CMS security best practices, including API key management and JWT authentication.

• Network Security: Expertise in managing CDNs and implementing DDoS mitigation and WAF rules.

• Technical Stack: Proficiency in Apache Sling, JCR, OSGi, and web servers like Nginx or Apache.

• Automation: Hands-on experience with scripting (Python) and CI/CD tools (Jenkins, CircleCI) to automate security and deployment workflows.

• Cloud Experience: Experience with cloud-based AEM implementations, such as AEM as a Cloud Service (AEMaaCS) or AWS/Azure.

• Diagnostic Skills: Proficiency in analyzing log files, thread dumps, and heap dumps to resolve security incidents or performance outages.

• P24849_3380782

What you can look forward to as a Full-Time Okta employee!

• Amazing Benefits

• Making Social Impact

• Developing Talent and Fostering Connection + Community at Okta

Some roles may require travel to one of our office locations for in-person onboarding.

Okta is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, ancestry, marital status, age, physical or mental disability, or status as a protected veteran. We also consider for employment qualified applicants with arrest and convictions records, consistent with applicable laws.

If reasonable accommodation is needed to complete any part of the job application, interview process, or onboarding please use this Form to request an accommodation.

Notice for New York City Applicants & Employees: Okta may use Automated Employment Decision Tools (AEDT), as defined by New York City Local Law 144, that use artificial intelligence, machine learning, or other automated processes to assist in our recruitment and hiring process. In accordance with NYC Local Law 144, if you are an applicant or employee residing in New York City, please click here to view our full NYC AEDT Notice.

Okta is committed to complying with applicable data privacy and security laws and regulations. For more information, please see our Personnel and Job Candidate Privacy Notice at https://www.okta.com/legal/personnel-policy/.