Senior Detection and Response Engineer (EMEA)


  • Full Time

Get to know Okta

Okta is The World’s Identity Company. We free everyone to safely use any technology—anywhere, on any device or app. Our Workforce and Customer Identity Clouds enable secure yet flexible access, authentication, and automation that transforms how people move through the digital world, putting Identity at the heart of business security and growth. 

At Okta, we celebrate a variety of perspectives and experiences. We are not looking for someone who checks every single box, we’re looking for lifelong learners and people who can make us better with their unique experiences. 

Join our team! We’re building a world where Identity belongs to you.

Information Security is a top business imperative here at Okta. In addition to driving security in our Corporate environment and Okta service, the Security team is deeply entrenched in the Okta business. As such, we contribute to product roadmaps, branding, research and other strategic aspects of our operations. We work across multiple functions, business partners and the research community. We are an engineering-focused team that seeks to stay on the cutting edge of security technology and the threat landscape.

The Defensive Cyber Operations (DCO) team is seeking an experienced detection and response engineer, with threat intelligence expertise to contribute to Okta’s detection and response programs responsible for defending the Okta platform, infrastructure and corporate environment.

The Role

You will operate as part of the DCO EMEA team, building and maintaining the detection capability to enable Okta’s intel-driven approach to defensive cyber operations. Core responsibilities include:

  • Analyse Okta’s systems in order to identify and close gaps in detection and response coverage
  • Orchestrate and automate the enrichment, triage and response steps required to respond to security related alerts
  • Provide subject matter expertise on cyber threat intelligence (CTI) to the EMEA team and work with CTI SMEs in other regions to coordinate DCO’s global CTI capability.  
  • Take part in the DCO watch roster triaging alerts escalated via automated processes and third-party notifications
  • Contribute expertise to the investigation, remediation and reporting of cyber security incidents
  • Identify the need for tools and data that will enable the continuous improvement of detection and response capabilities
  • Conduct targeted research to support detection development by identifying real world tactics, techniques and procedures used by threat actors of relevance to Okta and document findings.
  • Cultivate and maintain productive threat sharing relationships with external organizations to support DCO’s mission


What does it take?

You’re a team player. You have great communications skills and a thirst for knowledge. You’re curious about systems and how they interact, knowing that to properly defend a system you must first understand how it works. You enjoy automating tasks and if you can’t find a tool for the job you create one. You’re passionate about hunting for threat actors and love to dive deep into the data to look for evidence of malicious activity. You have a knack for synthesizing information from disparate data sources, understanding what’s relevant, and communicating your assessments to others.

If you don’t have a degree, you have equivalent experience that’s given you the foundational knowledge to understand complex computing environments.

Your experience probably includes:

  • Contributing to, technology focused teams large or small.
  • Providing support to the incident commander or technical lead during cyber security incidents.
  • Developing advanced detection capabilities and automating the triage and response of alerts they generate.


Ideally you also have experience in several of the following areas:

  • Researching the tactics, techniques and procedures of sophisticated adversaries and hunting for evidence of them within an enterprise environment.
  • Developing detection and response validation techniques and automating tests to enable continuous assurance of defensive cyber capabilities.
  • Analysing critical systems to understand both how to break them and defend them against attack.
  • Conducting cyber threat intelligence related activities such as campaign analysis, OSINT, threat actor research and tracking.
  • Ability to work independently and achieve outcomes with limited direct supervision 
  • Excellent communication and writing skills (work samples encouraged).



What you can look forward to as an Okta employee!

Okta cultivates a dynamic work environment, providing the best tools, technology and benefits to empower our employees to work productively in a setting that best and uniquely suits their needs. Each organization is unique in the degree of flexibility and mobility in which they work so that all employees are enabled to be their most creative and successful versions of themselves, regardless of where they live. Find your place at Okta today!

Okta is an Equal Opportunity Employer/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, ancestry, marital status, age, physical or mental disability, or status as a protected veteran. We also consider for employment qualified applicants with arrest and convictions records, consistent with applicable laws. If reasonable accommodation is needed to participate in the job application or interview process, please use this Form to request an accommodation.

Okta is committed to complying with applicable data privacy and security laws and regulations. For more information, please see our Privacy Policy at

Job Overview