We are looking for a Staff Software Engineer that will join the Auth0 Security Engineering organization. You9ll be responsible for designing and building the security guardrails for our multi-cloud environment, translating complex security and compliance standards into programmatic, code-driven policies. What You Will Do - Cloud Security Strategy: Design organization-wide controls (SCPs, Azure Policy) that provide maximum protection with minimum developer friction. - Identity & Access Management (IAM): Architect templates and permission boundaries that govern how services and humans interact with our cloud environment with the principle of least privilege in mind. - Infrastructure & Network Security: Define the security standards for VPC architecture, edge networking, and cross-account connectivity. - Platform Security Architecture: Lead platform-related security reviews for new features and high-impact services, ensuring security is baked into the design phase. - System Design: Design systems and processes to validate the security posture of the platform, ensuring our security policies are enforced in real-time with actionable feedback for engineering teams. - Mentorship & Influence: You raise the bar for the entire organization by mentoring junior engineers and influencing senior leadership on critical security decisions. What You Bring - Cloud & Infrastructure Expertise: 8+ years of proven experience in information security, specifically within cloud-native environments, Kubernetes (EKS, AKS), and cloud security. - Network Architecture & PKI: Deep understanding of secure networking principles, including VPC peering/transit gateways, VPN implementations, edge protection, and managing public/private PKI infrastructures. - Policy & Automation Specialist: Strong background in building automated controls for enforcing Policy-as-Code within Terraform workflows. - Practical Risk Assessments: Hands-on experience identifying attack vectors and conducting risk assessments for complex, distributed systems. - Tooling & AI Proficiency: Experience working with security platforms for analyzing cloud permissions and a background or interest in applying AI to streamline security tasks and governance. - Collaborative Influencer: Exceptional communication skills with a track record of aligning multiple teams toward shared security goals. - Education: A Bachelor9s degree in Computer Science, Information Security, Systems Engineering, or a related field. Nice to Have - Experience navigating compliance frameworks such as FedRAMP, SOC2, or HIPAA in a cloud environment. - Proficiency in one or more languages used for automation and tooling, such as Python, Go, or JavaScript. - Experience creating, managing, and securing containerized environments. - Experience with service mesh (Istio) security policies and zero-trust networking. Additional requirements: - This position requires the ability to access federal environments and/or have access to protected federal data. As a condition of employment for this position, the successful candidate must be able to submit documentation establishing U.S. Person status (e.g. a U.S. Citizen, National, Lawful Permanent Resident, Refugee, or Asylee. 22 CFR 120.15) upon hire. #LI-HYBRID #LI-SH1 Below is the annual base salary range for candidates located in California (excluding San Francisco Bay Area), Colorado, Illinois, New York and Washington. Your actual base salary will depend on factors such as your skills, qualifications, experience, and work location. In addition, Okta offers equity (where applicable), bonus, and benefits, including health, dental and vision insurance, 401(k), flexible spending account, and paid leave (including PTO and parental leave) in accordance with our applicable plans and policies. To learn more about our Total Rewards program please visit: https://rewards.okta.com/us. The annual base salary range for this position for candidates located in California (excluding San Francisco Bay Area), Colorado, Illinois, New York, and Washington is between: $174,000-$239,000 USD