Staff Detection & Response Engineer

Company: Okta
Location: Toronto, ON, Canada
Salary: $141000 – $211000
Type: Full-Time
Degrees
Experience Level: Senior, Expert or higher

Requirements

  • Experience in leading or contributing to technology-focused teams, large or small.
  • Mentoring staff and providing development opportunities to build high-performing teams.
  • Operating as, or providing support to, the incident commander or technical lead during cybersecurity incidents.
  • Developing advanced detection capabilities, working with detection-as-code, and automating the triage and response of alerts.

Responsibilities

  • Develop and refine security detections across Okta’s infrastructure and applications, ensuring optimal coverage across the organization.
  • Create high-fidelity alerts that balance security visibility with operational efficiency.
  • Work with detection & response engineers to tune detections, reduce false positives, and enhance response workflows.
  • Investigate and respond to security incidents, working to quickly contain and remediate threats.
  • Take part in the DCO watch roster, triaging alerts escalated via automated processes, internal reports, and third-party notifications.
  • Perform forensic analysis of security events, logs, and endpoints to determine root causes.
  • Develop and improve response playbooks and automation to streamline incident handling.
  • Build automation to improve detection and response workflows, reducing manual effort.
  • Integrate security tools and APIs for enhanced threat detection and data correlation.
  • Develop custom scripts and tooling to improve team efficiency and incident response capabilities.
  • Work closely with security engineers, threat intelligence teams, and platform engineering teams to ensure a holistic security approach.
  • Mentor and coach other engineers, providing technical guidance and support.
  • Stay up to date with the latest attack techniques and security trends to continuously improve Okta’s defenses.

Preferred Qualifications

  • Researching the tactics, techniques and procedures of sophisticated adversaries and hunting for evidence of them within an enterprise environment.
  • Developing detection and response validation techniques and automating tests to enable continuous assurance of defensive cyber capabilities.
  • Analysing critical systems to understand both how to break them and how to defend them against attack.
  • Working collaboratively within product and/or enterprise project teams, helping to deliver large and complex technology solutions.