Staff Vulnerability Management

1 week ago


Toronto, Canada Okta Full time

**Get to know Okta**

Okta is The World’s Identity Company. We free everyone to safely use any technology—anywhere, on any device or app. Our Workforce and Customer Identity Clouds enable secure yet flexible access, authentication, and automation that transforms how people move through the digital world, putting Identity at the heart of business security and growth.

At Okta, we celebrate a variety of perspectives and experiences. We are not looking for someone who checks every single box - we’re looking for lifelong learners and people who can make us better with their unique experiences.

Join our team! We’re building a world where Identity belongs to you.

What You'll Do
- Own the full lifecycle operations of Vulnerability Management AWS infrastructure, including designing new deployments as required
- Develop and maintain automation solutions leveraging AWS services integrated with custom software serving the Vulnerability and Asset Management functions for Okta Security
- Tend to the reliability needs of Okta Security’s Vulnerability Management infrastructure such as Infrastructure as code configurations, monitoring via AWS CloudWatch, and implementing alerting solutions leveraging a variety of AWS and web APIs
- Keep up with newly published vulnerabilities/CVEs and zero-days.
- Support our partner teams with investigating vulnerability findings and remediation efforts, including software and operations engineers, IT staff and the broader Okta Security org.
- Monitor and maintain awareness of critical vulnerabilities, driving patch management or mitigating processes to reduce impact.
- Document, review and deliver requirements and recommendations related to vulnerability remediation which follow common industry standards and security frameworks.
- Assist business stakeholders in assessing risk and prioritizing vulnerability remediation. Assist in providing risk context to vulnerability reports given the infrastructure purpose.
- Understand the technical details of the published vulnerabilities as well as their real risk. Effectively communicate the perceived and real vulnerability impact.
- Assist in analyzing data from internet scanning tools in order to validate its accuracy.
- Validate vulnerability management changes for accuracy and completion to drive timely remediation of critical vulnerabilities.
- Confirm remediation via automated and manual retesting.
- Contribute to the definition of internal processes that allow for fast remediation of vulnerabilities to production systems.
- Assess new and existing scan technologies to determine potential value and risk to the enterprise and ensure risk beyond defined thresholds is appropriately treated.
- Monitor and respond to security inquiries, requests, and incidents as part of supporting the business through sound and timely cybersecurity response.
- Support audit, governance, risk and compliance teams in scanning and reporting on various regulatory compliance and industry best practices including PCI, ISO 27001/27017/27018, NIST SP 800-53, SOC 2 and FedRAMP.
- Participate in other special projects or strategic initiatives at the direction of the Security team.

Your Background
- 6+ years of multifaceted cyber security experience in a technology-centric company.
- Experience in building and innovating a vulnerability management program.
- Experience defining projects, including goals, resourcing, activities, targets, and milestones, and producing good effort estimations.
- Experience in having had hands-on responsibility for analyzing common vulnerabilities.
- Experience with commercial or open-source vulnerability scanners regarding at least one of these spaces: Infrastructure/IP-based Assets, Web Application, SAST, DAST, Containers.
- Functional knowledge of vulnerabilities, exploitation and remediation. You should be able to explain vulnerabilities and exploits as well as propose remediations for the most common vulnerabilities.
- Experience in building systems and solutions within a highly regulated environment.
- Familiarity with industry standards and frameworks such as CVE, CVSS, and OWASP.
- Solid understanding of security best practices in cloud environments.
- Proficiency in scripting and automation with Python
- Familiarity with other scripting and automation tools is a plus.
- Experience working with AWS Lambda or similar serverless computing environments for automating vulnerability management tasks
- Proficiency in working with AWS services such as S3, DynamoDB, API Gateway, and others
- Intermediate knowledge of TCP/IP.
- Experience developing threat models.
- Knowledge of at least one of AWS, GCP, Azure, etc.

Who you are
- You have a deep focus on execution, follow-through, accountability, and results.
- You have a growth mindset; you thrive on challenge, you see learnings and opportunities, not failures.
- You enjoy working with cross-functional teams and have exceptional stakeholder management skills.
- You surround yourself with


