Senior Devsecops Engineer – Enterprise Data

Company: Okta
Location: San Francisco, CA, USA; Chicago, IL, USA
Salary: $136000 – $228000
Type: Full-Time
Degrees:
Experience Level: Senior

Requirements

  • 5+ years of experience automating and deploying large-scale production services in AWS, ECS, and EKS.
  • 5+ years of experience managing CI/CD infrastructures, with strong proficiency in tools like GitHub Actions, Jenkins, ArgoCD, GitLab, or any CI/CD tool to streamline deployment pipelines and ensure efficient software delivery.
  • 5+ years of experience with Python, Go, or similar backend languages.
  • Strong experience in security practices, AWS network engineering, and familiarity with configuration management tools like Chef and Terraform.
  • Proven record of designing automated systems that secure the software supply chain and SDLC systems.
  • Experience in designing, building, and managing complex deployment pipelines.
  • Security certifications from ISC(2), GIAC, SANS, etc., are a plus.
  • This position requires the ability to access federal environments and/or protected federal data. As a condition of employment for this position, the successful candidate must be able to submit documentation establishing U.S. Person status (e.g., a U.S. Citizen, National, Lawful Permanent Resident, Refugee, or Asylee; 22 CFR 120.15) upon hire.

Responsibilities

  • Build scalable and extensible platforms, services, and tools using Java, Python, Go, and other relevant technologies, with a focus on ensuring automation, reliability, and security across the AWS cloud environment.
  • Work with data engineers to design and implement Secure Development Lifecycle practices into automated CI/CD pipelines.
  • Strengthen Okta’s software supply chain security posture, including pipeline security, delivery tools, key and configuration management, and Software Bill of Materials (SBOM) generation.
  • Investigate vulnerability findings within the environment and coordinate remediation efforts in collaboration with other IT teams and subject matter experts.
  • Ensure adherence to industry security standards (e.g., SOC 2, GDPR, HIPAA, ISO 27001/27017/27018, NIST SP 800-53, and FedRAMP).
  • Ensure application security tooling (DAST, SAST, SCA, credential scans) coverage in code repositories and deployment pipelines.

Preferred Qualifications

  • Security certifications from ISC(2), GIAC, SANS, etc., are a plus.