We use cookies. Find out more about it here. By continuing to browse this site you are agreeing to our use of cookies.
I agree and accept cookies
Main menu
Post a Job
Request a Demo
Yes
No
Both
Advanced search
#alert
Back to search results / More jobs like this
Back to search results
New
Okta jobs

Staff Vulnerability Management Analyst - Federal

Okta
vision insurance, flexible benefit account, parental leave, 401(k)
United States, California, San Francisco
Jan 28, 2026

Get to know Okta

Okta is The World's Identity Company. We free everyone to safely use any technology, anywhere, on any device or app. Our flexible and neutral products, Okta Platform and Auth0 Platform, provide secure access, authentication, and automation, placing identity at the core of business security and growth.

At Okta, we celebrate a variety of perspectives and experiences. We are not looking for someone who checks every single box - we're looking for lifelong learners and people who can make us better with their unique experiences.

Join our team! We're building a world where Identity belongs to you.

Staff Vulnerability Management Analyst

The Okta Security team's mission is to strengthen Okta's position as the leading Identity-as-a-Service solutions through identifying and resolving risks to the employees, product, and most importantly, our customers. With the ever-increasing pace of cloud application adoption, companies are struggling to find ways to accurately assess risk and act at the speed of their business.

The Staff Vulnerability Management Analyst for Public Sector is a key member of the Okta Security team and an essential collaborator with our broader Engineering organization playing a key part in executing the Vulnerability Management Program's strategy. The Vulnerability Management Program is a crucial pillar of the security organizations' imperative to reduce the threats to Okta's infrastructure and applications. You'll be an integral part of building and sustaining strong and effective relationships across Okta with our Engineering, Product and Business Technology counterparts.

What You'll Do



  • Own the full lifecycle operations of Asset and Vulnerability Management scanning and reporting infrastructure, including designing new cloud based and on-prem deployments as required.
  • Assess new and existing scan technologies to determine potential business value.
  • Monitor and respond to security inquiries, requests, and incidents, understanding the technical details of the published vulnerabilities as well as their real risk. Effectively communicate the perceived and real vulnerability impact given the infrastructure context.
  • Contribute to the definition and execution of internal processes that allow for accelerated remediation of critical vulnerabilities and zero-days.
  • Support audit, governance, risk and compliance teams in scanning and reporting on various regulatory compliance and industry best practices including PCI, ISO 27001/27017/27018 , NIST SP 800-53 and SOC 2.
  • Assist Okta's Public Sector compliance team in their preparation and maintenance of POAMs (Plan of Action & Milestones) and Continuous Monitoring (ConMon) processes.
  • Track and manage weaknesses or gaps in vulnerability related security controls, outlining tasks, required resources, milestones, and scheduled completion dates to achieve compliance with standards like NIST 800-171 and CMMC.
  • Participate in other special projects or strategic initiatives at the direction of the Security team.



Your Background



  • 5+ years of multifaceted cyber security experience in a technology-centric company.
  • 5+ years of experience in building vulnerability scanning solutions within a highly regulated environment such as FedRamp High, IL4, IL5 and/ or IL6.
  • Current or previous Secret, Top Secret (TS) or Top Secret/Sensitive Compartmented Information (TS/SCI) clearance is a plus.


  • Experience with commercial or open-source vulnerability and misconfiguration scanners and reporting tools regarding Infrastructure/ IP based Assets, Containers, CSPM and CNAPP. Examples: Qualys, Tenable, Prisma Cloud, Wiz, Orca, Lacework, Paramify, Atlassian Jira, ServiceNow etc.
  • Functional knowledge of vulnerabilities, exploitation and remediation. You should be able to explain vulnerabilities and exploits as well as propose remediations for the most common vulnerabilities.
  • Familiarity with industry standards, frameworks and publications such as CVE, CVSS, EPSS, OWASP and CISA KEV catalog.
  • Proficiency in scripting and automation with Python. Familiarity with other scripting and automation tools is a plus.
  • Experience working with AWS Lambda or similar serverless computing environments for automating vulnerability management scanning and reporting tasks.
  • Proficiency in working with AWS services such as S3, DynamoDB, API Gateway, and others.



Who you are



  • You have a deep focus on execution, follow-through, accountability, and results.
  • You have a growth mindset; You thrive on challenge, you see learnings and opportunities, not failures.
  • You enjoy working with cross-functional teams and have exceptional stakeholder management skills.
  • You surround yourself with high energy, thriving teams to achieve quality outcomes.



Qualifications:





    • Bachelor's degree in Computer Science, Computer Engineering, or equivalent experience.




Additional requirements:



  • This position requires the ability to access federal environments and/or have access to protected federal data. As a condition of employment for this position, the successful candidate must be able to submit documentation establishing U.S. Person status (e.g. a U.S. Citizen, National, Lawful Permanent Resident, Refugee, or Asylee. 22 CFR 120.15) upon hire.


#LI-HYRBRID

P24528_3344434

The annual base salary range for this position for candidates located in the San Francisco Bay area is between:
$180,000 $270,000 USD

Below is the annual base salary range for candidates located in California (excluding San Francisco Bay Area), Colorado, Illinois, New York and Washington. Your actual base salary will depend on factors such as your skills, qualifications, experience, and work location. In addition, Okta offers equity (where applicable), bonus, and benefits, including health, dental and vision insurance, 401(k), flexible spending account, and paid leave (including PTO and parental leave) in accordance with our applicable plans and policies. To learn more about our Total Rewards program please visit: https://rewards.okta.com/us.

The annual base salary range for this position for candidates located in California (excluding San Francisco Bay Area), Colorado, Illinois, New York, and Washington is between:
$161,000 $241,000 USD

What you can look forward to as a Full-Time Okta employee!



  • Amazing Benefits
  • Making Social Impact
  • Developing Talent and Fostering Connection + Community at Okta


Okta cultivates a dynamic work environment, providing the best tools, technology and benefits to empower our employees to work productively in a setting that best and uniquely suits their needs. Each organization is unique in the degree of flexibility and mobility in which they work so that all employees are enabled to be their most creative and successful versions of themselves, regardless of where they live. Find your place at Okta today! https://www.okta.com/company/careers/.

Some roles may require travel to one of our office locations for in-person onboarding.

Okta is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, ancestry, marital status, age, physical or mental disability, or status as a protected veteran. We also consider for employment qualified applicants with arrest and convictions records, consistent with applicable laws.

If reasonable accommodation is needed to complete any part of the job application, interview process, or onboarding please use this Form to request an accommodation.

Okta is committed to complying with applicable data privacy and security laws and regulations. For more information, please see our Personnel and Job Candidate Privacy Notice athttps://www.okta.com/legal/personnel-policy/.

Applied = 0
MORE JOBS LIKE THIS

(web-54bd5f4dd9-d2dbq)