Identity is the key to unlocking the potential of AI. As an AEM DevSecOps Engineer at Okta, you will oversee and automate our AEM infrastructure with a primary focus on security, reliability, and automated compliance.

Key Responsibilities:

• Identity & Access Management: Configure and manage Auth0 integrations for AEM, including token validation, OIDC/SAML configurations, and custom login modules to ensure secure user authentication.

• Headless Security: Oversee the security of AEM Headless deployments, including protecting GraphQL endpoints, managing CORS policies, and ensuring secure communication for decoupled front-end frameworks (React/Angular).

• Edge & CDN Protection: Manage and configure CDN (e.g., Cloudflare, Akamai, or Adobe-managed CDN) to optimize performance and implement DDoS mitigation strategies.

• Traffic Filtering: Implement and maintain Traffic Filter Rules and Web Application Firewall (WAF) configurations at the CDN level to block malicious spikes and sophisticated application-layer attacks.

• Automated Security Scanning: Integrate security tools (SAST/DAST) and secrets detection into CI/CD pipelines (Jenkins, GitLab) to identify vulnerabilities early in the development cycle.

• Environment Hardening: Install and manage AEM author, publish, and dispatcher instances with a focus on Dispatcher security hardening, SSL certificate automation, and ModSecurity configurations.

• Observability & Incident Response: Monitor system performance and security logs using tools like Splunk or New Relic to proactively address threats and performance bottlenecks.

• Compliance Auditing: Regularly audit the platform and its integrations (Adobe Analytics, Target) to ensure alignment with corporate security policies and industry standards.

Required Skills & Experience:

• Experience: 5+ years in administering and securing AEM environments.

• Identity Services: Proven experience integrating Auth0 or similar Identity Providers (IdP) for enterprise-scale authentication.

• Architectural Knowledge: Strong understanding of Headless CMS security best practices, including API key management and JWT authentication.

• Network Security: Expertise in managing CDNs and implementing DDoS mitigation and WAF rules.

• Technical Stack: Proficiency in Apache Sling, JCR, OSGi, and web servers like Nginx or Apache.

• Automation: Hands-on experience with scripting (Python) and CI/CD tools (Jenkins, CircleCI) to automate security and deployment workflows.

• Cloud Experience: Experience with cloud-based AEM implementations, such as AEM as a Cloud Service (AEMaaCS) or AWS/Azure.

• Diagnostic Skills: Proficiency in analyzing log files, thread dumps, and heap dumps to resolve security incidents or performance outages.

The Okta Experience

• Supporting Your Well-Being

• Driving Social Impact

• Developing Talent and Fostering Connection + Community

We are intentional about connection. Our global community, spanning over 20 offices worldwide, is united by a drive to innovate. Your journey begins with an immersive, in-person onboarding experience designed to accelerate your impact and connect you to our mission and team from day one.

XML job scraping automation by YubHub

Fridtjof Nansen crossed the Arctic, going places no human had ever been. Together with our users, we're doing the same onchain , and someone needs to make sure we don't get killed on the way there.

We're building the single best platform for onchain investing , agentic trading, staking infrastructure, AI-powered analytics , and we're scaling fast. Fast enough that security can't be an afterthought bolted on later. It has to be built in, from the start, by someone who knows what they're doing.

Our mission:

Surface the signal and create winners.

What you'll do at Nansen

You'll be the person who makes sure we can move fast without breaking things that matter. That means embedding security into everything we build , cloud infrastructure, applications, CI/CD pipelines, AI systems, staking operations , across a generalist role that spans the full surface area.

• Run security assessments across systems, architectures, and code , find the vulnerabilities before someone else does
• Advise engineering teams on secure design decisions. You're a partner, not a blocker
• Deploy and maintain security infrastructure: SIEM, vulnerability scanning, endpoint protection, logging , the things that let us sleep at night
• Secure our CI/CD pipelines and deployment workflows end-to-end
• Own secrets management, key management, and access controls. No shortcuts
• Address LLM security head-on: API key management, prompt injection prevention, and the risks that come with shipping AI-powered products at speed
• Coordinate penetration tests and security audits with external vendors
• Create and maintain secure coding guidelines and code review processes that engineers actually follow
• Represent the Security Team in the incident response process
• Drive compliance readiness , SOC 2, ISO 27001 , pragmatically, not bureaucratically

What we're looking for

• You've built and hardened production security at scale , you know the difference between a policy document and an actually secure system
• Strong cloud security knowledge (AWS, GCP or equivalent). Container security and network security fundamentals
• Hands-on experience implementing security tooling, not just evaluating it
• Secrets and key management expertise , you've managed this at a company where it actually mattered
• You understand the security implications of AI/LLM and agent-based systems. This is new territory and we need someone thinking about it seriously
• CI/CD pipeline security is second nature
• Pragmatic about compliance , you can get us to SOC 2 without drowning the engineering team in process
• You don't just use AI as a tool. You think with it. AI-first isn't a checkbox , it's how you work
• Strong async communication skills , we're remote-first, Slack-and-docs-heavy, and EMEA hours are preferred for team overlap
• Bonus: blockchain, smart contract, or staking infrastructure security experience. Kubernetes and Terraform security. Incident response or security operations background

What we offer our crew

• Competitive salary. Meaningful equity. Real ownership in what you build
• Fully remote with two no-meeting days a week , because deep work doesn't happen in a Google Meet
• Annual company retreat and team off-sites in one of our offices: Singapore, Bangkok, London, and Oslo , flights and accommodation covered
• Unlimited AI tokens , Claude, OpenAI, whatever helps you move fast
• Your own OpenClaw for work
• Nansen Pro account: giving you full access to the most detailed onchain data in the market
• A team that started as data engineers and data scientists that has grown to over 80 builders. Your craft is respected here.
• Speed, ownership, curiosity, courage. These aren't values on a wall , they're how we run.
• A front-row seat (and a hand in building) the next chapter of finance

XML job scraping automation by YubHub