We are looking for builders and owners who operate with speed and urgency and execute with excellence. This is an opportunity to do career-defining work. We're all in on this mission. If you are too, let's talk.

The Team

The Okta Privileged Access Management (PAM) team is building the future of identity for machines, services, and applications. We are seeking a world-class Staff Engineer to help us architect and build the high-performance core of our non-human identity platform.

Your work, in close collaboration with our principal engineers and architects, will be the foundation of our strategy for managing privileged access in the modern enterprise. If you are a systems programmer who thrives on influencing the design of high-performance, concurrent, and resilient security software, this is the role for you.

What you’ll be doing

• Contribute to Core Architecture:
• Partner with principal engineers and architects to design and implement a low-latency, high-throughput secrets engine for non-human identities
• Solve for Massive Scale:
• Write highly concurrent, performance-critical code capable of handling millions of machine-to-machine authentication and authorization requests
• Shape Technical Strategy:
• Play a key role in defining the long-term technical roadmap for scalability and performance, ensuring our platform can meet the demands of the largest enterprises
• Mentor and Elevate:
• As a senior engineer on the team, you will work with junior engineers to help them advance their SDLC expertise.
• On-Call:
• Participate in the rotational on-call activities with SRE and product development team

What you’ll bring to the role

• Required Experience:
• 8+ years of professional software engineering experience, with a heavy focus on backend or systems-level development
• Bachelor’s or Master’s degree in Computer Science, or equivalent practical experience
• Core Technical Expertise:
• Deep, hands-on expertise in multi-platform Go development and building high-performance, concurrent applications
• Experience designing or operating distributed systems
• Experience with secure systems (authn/authz, encryption, TLS, token handling, PKI, CAs, diagnosing TLS issues)
• Deep expertise in distributed storage systems, with a focus on replication, backup, and restore, and data management. (Postgres, etc.)
• Direct experience designing, building, or contributing to a secrets management, service mesh, or machine identity platform
• Expert-level at ergonomic API design (gRPC/openAPI), and building for reliability at scale
• Deep knowledge of cloud-native infrastructure
• Key Attributes:
• You are driven by the challenge of optimizing systems for performance, latency, and throughput, with a proven ability to diagnose complex, multi-system issues
• You have a proven track record of making significant contributions to the architecture of complex, mission-critical systems
• You thrive in an environment where you can focus on deep technical problems
• Bonus Points:
• Experience at a leading Cybersecurity or Infrastructure-as-Code company
• Contributions to open-source projects in the identity, security, or infrastructure space

And extra credit if you have experience in any of the following!

• Deep expertise in backend systems engineering
• Experience building and scaling beyond standard three-tier monolithic architectures, with a focus on modern distributed systems
• Have worked on projects with complex, established systems
• Possess significant, hands-on experience in a Linux/Unix environment

XML job scraping automation by YubHub

Location

Remote - US; New York City; San Francisco; Seattle

Employment Type

Full time

Location Type

Remote

Department

Security

Compensation

• SF, Seattle or NYC $230K – $385K • Offers Equity
• Zone A $207K – $346.5K • Offers Equity
• Zone B $184K – $308K • Offers Equity

The base pay offered may vary depending on multiple individualized factors, including market location, job-related knowledge, skills, and experience. If the role is non-exempt, overtime pay will be provided consistent with applicable laws. In addition to the salary range listed above, total compensation also includes generous equity, performance-related bonus(es) for eligible employees, and the following benefits.

Benefits

• Medical, dental, and vision insurance for you and your family, with employer contributions to Health Savings Accounts
• Pre-tax accounts for Health FSA, Dependent Care FSA, and commuter expenses (parking and transit)
• 401(k) retirement plan with employer match
• Paid parental leave (up to 24 weeks for birth parents and 20 weeks for non-birthing parents), plus paid medical and caregiver leave (up to 8 weeks)
• Paid time off: flexible PTO for exempt employees and up to 15 days annually for non-exempt employees
• 13+ paid company holidays, and multiple paid coordinated company office closures throughout the year for focus and recharge, plus paid sick or safe time (1 hour per 30 hours worked, or more, as required by applicable state or local law)
• Mental health and wellness support
• Employer-paid basic life and disability coverage
• Annual learning and development stipend to fuel your professional growth
• Daily meals in our offices, and meal delivery credits as eligible
• Relocation support for eligible employees
• Additional taxable fringe benefits, such as charitable donation matching and wellness stipends, may also be provided.

About the Team

Security is at the foundation of OpenAI’s mission to ensure that artificial general intelligence benefits all of humanity.

The Security team protects OpenAI’s technology, people, and products. We are technical in what we build but operational in how we execute, and we support every product and research effort at OpenAI. Our tenets include prioritizing for impact, enabling researchers and developers, preparing for future transformative technologies, and fostering a strong, collaborative security culture.

About the Role

OpenAI is seeking a Security Software Engineer to join the Infrastructure Security (InfraSec) team.

InfraSec safeguards the core of OpenAI’s research and production environments—GPU supercomputing clusters, multi-cloud infrastructure, datacenters, networking, storage, and the critical services that power our frontier AI models. Our charter spans everything from bare-metal hardware and firmware to Kubernetes clusters, service meshes, and the data pathways that carry highly sensitive model weights and user data.

As a Security Software Engineer, you will design and build critical foundational services, such as authentication systems, egress/ingress proxies, access brokers, and key management platforms, that demand high standards of reliability, scalability, and software craftsmanship. These systems form the security backbone of OpenAI’s supercomputing environment and must remain robust under intense scale and adversarial pressure.

In this role, you will:

• Architect and implement production-grade security services (e.g., auth services, access brokers, secure proxies, key-management infrastructure) that provide strong guarantees across hardware, operating systems, Kubernetes, networks, and CI/CD.
• Partner with infrastructure and research engineers to embed security into high-performance compute clusters, enabling rapid model training and deployment without compromising protection.
• Develop automation and detection tooling to continuously identify and mitigate risks in large-scale cloud and on-prem environments.
• Drive high-impact initiatives such as line-speed encryption, machine identity, and network isolation, continuously raising the security bar for emerging AI workloads.
• Lead or participate in design reviews and threat models to ensure new systems launch with strong security foundations and operational excellence.

You will thrive in this role if you have:

• Strong software engineering skills in languages such as Python, Go, Rust, or C/C++, with a track record of shipping and operating high-reliability distributed services.
• Experience building or operating critical security infrastructure (e.g., auth services, service-to-service proxies, certificate or key-management systems).
• Deep understanding of security principles, best practices, and common vulnerabilities.
• Expertise in securing large-scale cloud platforms (e.g., Azure, AWS, GCP), including multi-cloud networks and cloud-agnostic system design.
• Familiarity with container and orchestration security (Kubernetes, service meshes) and modern authentication/authorization standards (OIDC, mTLS, SPIFFE/SPIRE).
• A proactive mindset, with the ability to identify and address security gaps or inefficiencies through automation and tooling.
• A track record of delivering scalable solutions and driving impactful changes across infrastructure in real-world projects.
• Strong analytical and problem-solving skills, with an ability to think critically and objectively assess security risks.
• Excellent communication skills, with the ability to convey complex security concepts to technical and non-technical stakeholders.
• Excitement about collaborating

XML job scraping automation by YubHub