Staff Vulnerability Management Analyst - Federal jobs in United States
cer-icon
Apply on Employer Site
company-logo

Okta · 22 hours ago

Staff Vulnerability Management Analyst - Federal

positionWashington, DC
timeFull-time
remoteOnsite
senioritySenior Level, Lead/Staff
money$180K/yr - $270K/yr
date5+ years exp

Okta is The World’s Identity Company, dedicated to providing secure access and authentication solutions. The Staff Vulnerability Management Analyst for Public Sector will play a key role in executing the Vulnerability Management Program’s strategy, collaborating with various teams to strengthen Okta’s security posture.

CRMEnterprise SoftwareIdentity ManagementIT InfrastructureManagement Information SystemsSoftwareWeb Development
badNo H1BnoteU.S. Citizen Onlynote

Responsibilities

Own the full lifecycle operations of Asset and Vulnerability Management scanning and reporting infrastructure, including designing new cloud based and on-prem deployments as required
Assess new and existing scan technologies to determine potential business value
Monitor and respond to security inquiries, requests, and incidents, understanding the technical details of the published vulnerabilities as well as their real risk. Effectively communicate the perceived and real vulnerability impact given the infrastructure context
Contribute to the definition and execution of internal processes that allow for accelerated remediation of critical vulnerabilities and zero-days
Support audit, governance, risk and compliance teams in scanning and reporting on various regulatory compliance and industry best practices including PCI, ISO 27001/27017/27018 , NIST SP 800-53 and SOC 2
Assist Okta’s Public Sector compliance team in their preparation and maintenance of POAMs (Plan of Action & Milestones) and Continuous Monitoring (ConMon) processes
Track and manage weaknesses or gaps in vulnerability related security controls, outlining tasks, required resources, milestones, and scheduled completion dates to achieve compliance with standards like NIST 800-171 and CMMC
Participate in other special projects or strategic initiatives at the direction of the Security team

Qualification

Vulnerability ManagementCyber SecurityVulnerability Scanning SolutionsAWS ServicesPythonCompliance StandardsStakeholder ManagementCross-functional CollaborationGrowth Mindset

Required

5+ years of multifaceted cyber security experience in a technology-centric company
5+ years of experience in building vulnerability scanning solutions within a highly regulated environment such as FedRamp High, IL4, IL5 and/ or IL6
Current or previous Secret, Top Secret (TS) or Top Secret/Sensitive Compartmented Information (TS/SCI) clearance is a plus
Experience with commercial or open-source vulnerability and misconfiguration scanners and reporting tools regarding Infrastructure/ IP based Assets, Containers, CSPM and CNAPP. Examples: Qualys, Tenable, Prisma Cloud, Wiz, Orca, Lacework, Paramify, Atlassian Jira, ServiceNow etc
Functional knowledge of vulnerabilities, exploitation and remediation. You should be able to explain vulnerabilities and exploits as well as propose remediations for the most common vulnerabilities
Familiarity with industry standards, frameworks and publications such as CVE, CVSS, EPSS, OWASP and CISA KEV catalog
Proficiency in scripting and automation with Python. Familiarity with other scripting and automation tools is a plus
Experience working with AWS Lambda or similar serverless computing environments for automating vulnerability management scanning and reporting tasks
Proficiency in working with AWS services such as S3, DynamoDB, API Gateway, and others
Bachelor's degree in Computer Science, Computer Engineering, or equivalent experience
This position requires the ability to access federal environments and/or have access to protected federal data. As a condition of employment for this position, the successful candidate must be able to submit documentation establishing U.S. Person status (e.g. a U.S. Citizen, National, Lawful Permanent Resident, Refugee, or Asylee. 22 CFR 120.15) upon hire

Benefits

Health, dental and vision insurance
401(k)
Flexible spending account
Paid leave (including PTO and parental leave)

Company

Okta

twittertwittertwitter
Glassdoor3.6
company-logo
Okta is a management platform that secures critical resources from cloud to ground for workforce and customers.
dateFounded in 2009
location
San Francisco, California, USA
people-size5001-10000 employees
web-link
http://www.okta.com

Funding

Current Stage
Public Company
Total Funding
$1.23B
Key Investors
Sequoia CapitalAndreessen Horowitz
2020-06-08Post Ipo Equity· $1B
2017-04-06IPO
2017-03-30Secondary Market

Leadership Team

leader-logo
Todd McKinnon
CEO & Co-Founder
linkedin
leader-logo
Frederic Kerrest
Vice-Chairman & Co-Founder
linkedin

Recent News

BiometricUpdate.com
Biometrics projects scale to meet great expectations, from borders to payments
2026-01-18
BiometricUpdate.com
Okta begins beta test of digital identity verification for US mDLs
2026-01-16
CRN
New Okta Channel Chief Laura Padilla On Plans To ‘Invest More Heavily’ In Partners
2026-01-16
Company data provided by crunchbase