Staff Network Security Engineer


Location: United States

Job Type: Full time


Get to know Okta

Okta is The World’s Identity Company. We free everyone to safely use any technology—anywhere, on any device or app. Our Workforce and Customer Identity Clouds enable secure yet flexible access, authentication, and automation that transforms how people move through the digital world, putting Identity at the heart of business security and growth.

At Okta, we celebrate a variety of perspectives and experiences. We are not looking for someone who checks every single box - we’re looking for lifelong learners and people who can make us better with their unique experiences.

Join our team! We’re building a world where Identity belongs to you.

The BT Engineering Services Team

Business Technology is on a mission to accelerate Okta’s scale and growth. We bring world-class business acumen and technology expertise to every interaction. We also drive cross-functional collaboration and are focused on delivering measurable business outcomes.

The Business Technology (BT) Engineering Services team comprises smart and innovative engineers who welcome challenges and enjoy seeing our designs run at scale with automation, testing, and tuning. Above all, we are a team that touches every point of the business and is obsessed with the end-user experience.

Network Security Engineer Opportunity

The role of the Staff Network Security Engineer is pivotal to the success and integrity of our business operations. In an era where digital threats are ever-evolving, the expertise and diligence of our network engineering team are crucial in ensuring the confidentiality, integrity, and availability of our critical assets. By designing, implementing, and managing robust security measures using various technologies from multiple vendors, this role directly contributes to safeguarding our network infrastructure against a myriad of potential threats. The Staff Network Security Engineer's responsibilities span from overseeing access control policies and maintaining PKI systems to implementing advanced solutions like DLP, CASB, VPN, and SWG to fortify our organization against cyber risks. Additionally, their proficiency in cloud Infrastructure providers such as AWS is essential in securing our cloud environments. In essence, this position plays a vital role in creating a secure digital environment that enables our business to thrive by mitigating risks, protecting sensitive information, and ensuring the continuity of our operations.

What you’ll be doing

  • Design, implement, and manage network security infrastructure.
  • Configure and troubleshoot network firewalls to ensure optimal network security.
  • Manage and support the deployment of Network Access Control (NAC) solutions to enhance overall network security posture.
  • Administer and maintain Public Key Infrastructure (PKI) systems, ensuring the security and integrity of digital certificates.
  • Implement and manage Data Loss Prevention (DLP) solutions to safeguard sensitive information.
  • Oversee Cloud Access Security Broker (CASB) implementation and policies to secure cloud-based applications and services.
  • Configure and manage Virtual Private Network (VPN) solutions to enable secure remote access.
  • Implement and maintain Secure Web Gateway (SWG) solutions to protect against web-based threats.
  • Possess experience in AWS networking, including designing and securing network architectures within AWS cloud environments.
  • Conduct regular security assessments and audits to identify vulnerabilities and recommend corrective actions.
  • Provide expertise in the design and implementation of secure communication protocols and encryption techniques.
  • Respond promptly to security incidents, conduct thorough investigations, and implement corrective actions.
  • Stay abreast of security threats and proactively implement measures to mitigate risks.
  • Collaborate with compliance teams to ensure adherence to data protection and privacy regulations.
  • Enforce the principle of least privilege and regularly review and update access permissions.
  • Collaborate with cross-functional teams, including IT, Security, development, and business units, to understand requirements and deliver integrated solutions.
  • Act as a liaison between technical and non-technical stakeholders to ensure alignment on engineering goals.
  • Participate in post-implementation reviews and incorporate lessons learned into future projects.

What you’ll bring to the role

  • Minimum of 8 years of hands-on experience in network engineering, focusing on network security tools and integrations.
  • Proven track record of successfully leading and delivering complex projects in a senior role.
  • In-depth knowledge and hands-on experience with Palo Alto Networks technology.
  • Proficiency in configuring and managing Network Access Control (NAC) solutions.
  • Strong understanding of certificates, PKI, and encryption protocols.
  • Experience with Data Loss Prevention (DLP), Cloud Access Security Broker (CASB), Virtual Private Network (VPN), and Secure Web Gateway (SWG) solutions.
  • Hands-on experience with AWS networking and security services.
  • Proven track record of successfully implementing and managing network security solutions.
  • Excellent analytical and problem-solving skills.
  • Strong communication and collaboration skills to work effectively with cross-functional teams.
  • Proven success in navigating and adhering to industry-specific compliance requirements.
  • Certifications such as Palo Alto Networks Certified Network Security Engineer (PCNSE) or equivalent are strongly desired.
  • Possess relevant security certifications such as CISSP, CISM, or equivalent or desire to obtain them strongly desired.

Below is the annual On Target Compensation (OTE) range for candidates located in California, Colorado, New York and Washington. Your actual OTE, which is inclusive of base salary and incentive compensation, will depend on factors such as your skills, qualifications, experience, and work location. In addition, Okta offers equity (where applicable) and benefits, including health, dental and vision insurance, 401(k), flexible spending account, and paid leave (including PTO and parental leave) in accordance with our applicable plans and policies. To learn more about our Total Rewards program please visit:

The annual OTE range for this position for candidates located in California, Colorado, New York, and Washington is between:$151,000$227,000 USD The OTE range for this position for candidates located in the San Francisco Bay area is between:$170,000$254,000 USD

What you can look forward to as an Okta employee!

Okta cultivates a dynamic work environment, providing the best tools, technology and benefits to empower our employees to work productively in a setting that best and uniquely suits their needs. Each organization is unique in the degree of flexibility and mobility in which they work so that all employees are enabled to be their most creative and successful versions of themselves, regardless of where they live. Find your place at Okta today!

Okta is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, ancestry, marital status, age, physical or mental disability, or status as a protected veteran. We also consider for employment qualified applicants with arrest and convictions records, consistent with applicable laws. If reasonable accommodation is needed to participate in the job application or interview process, please use this Form to request an accommodation.

Okta is committed to complying with applicable data privacy and security laws and regulations. For more information, please see our Privacy Policy at