Staff Security Engineer, TDI jobs in United States

ISC2 East Bay Chapter · 2 months ago

Staff Security Engineer, TDI

Okta is The World’s Identity Company, focused on providing secure access and authentication solutions. They are seeking a highly skilled Staff Security Engineer with a DevSecOps focus to join their TDI BT Security team, where the role involves vulnerability management, secure development practices, and automation to enhance security across various platforms.

Computer & Network Security

Responsibilities

Lead hands-on vulnerability remediation efforts across endpoints (Mac/Windows), cloud workloads, and on-prem assets
Deploy, configure, and operationalize tools such as Snyk, Semgrep, and Qualys to expand scanning coverage for all TDI assets
Collaborate with teams to troubleshoot and remediate findings; provide technical mentorship to developers and admins
Improve vulnerability metrics, reporting, and visibility to drive accountability and measurable risk reduction
Partner with GRC to integrate findings into the risk register and ensure timely remediation or risk acceptance
Embed within product and engineering teams to advise on secure coding, build pipelines, and deployment best practices
Support and enforce ProdSec SDL adoption across business units, standardizing design reviews and requirements gathering
Implement secrets rotation automation and best practices for secrets management across TDI systems
Lead the Security Champions initiative—mentoring developers and SREs on proactive risk mitigation
Build and maintain secure baseline container and VM images for AWS environments, integrating core security tooling
Collaborate with SRE to manage update pipelines and enforce compliance with baseline standards
Conduct light Security Architecture Reviews (SARs) for lower environments to confirm proper controls and data handling
Develop automation for scanning, reporting, and patch validation
Identify and close gaps across CSPM, CI/CD pipeline security, and endpoint hardening
Provide technical guidance for integrating security into business and productivity platforms (Salesforce, ERP, Google Workspace, Slack, Zoom)

Qualifications

Vulnerability scanning, DevSecOps, AWS security practices, Snyk, Semgrep, Qualys, Secure SDLC, Secrets management, Troubleshooting skills, Communication skills, Mentoring

Required

10+ years of experience in Security Engineering, DevSecOps, or Infrastructure Security within a SaaS or enterprise environment
Hands-on technical expertise in vulnerability scanning, patching, and remediation across cloud, endpoint, and SaaS ecosystems
Experience deploying and managing Snyk, Semgrep, and Qualys tools
Strong knowledge of AWS security practices, SRE principles, and securing business technology stacks (Salesforce, ERP, Google, Slack, Zoom)
Proven ability to coach, mentor, and collaborate with development teams to improve remediation velocity
Practical understanding of secure SDLC / PDLC, supply chain security, and secrets management
Excellent troubleshooting and communication skills, with a proactive and solution-oriented mindset

Benefits

Health, dental and vision insurance
401(k)
Flexible spending account
Paid leave (including PTO and parental leave)

Company

ISC2 East Bay Chapter

The mission of the ISC2 East Bay Chapter is to: Be Safe and Secure, Build a community for local professionals, Provide career development and CPE opportunities to our members, and Promote industry awareness and best practices.

Funding

Current Stage
Early Stage
Company data provided by crunchbase