ForgeApply · Job listing
Okta on Okta Identity Architect
Okta
Apply in about a minute — without sacrificing quality.
ForgeApply autofills this application and tailors your resume to this exact posting. You review everything before it's sent. Free trial, no card required.
About this role
Secure Every Identity, from AI to Human
Identity is the key to unlocking the potential of AI. Okta secures AI by building the trusted, neutral infrastructure that enables organizations to safely embrace this new era. This work requires a relentless drive to solve complex challenges with real-world stakes. We are looking for builders and owners who operate with speed and urgency and execute with excellence.
This is an opportunity to do career-defining work. We're all in on this mission. If you are too, let's talk.
The Okta on Okta Identity Architect Opportunity
This is not a traditional architect role. At Okta, an Okta on Okta Identity Architect is the premier technical execution tier above Principal Engineer—acting as the ultimate hands-on practitioner of our own cloud platform. While you won't be writing application code, you will get your hands dirty configuring, extending, and testing the boundaries of the platform. You are the builder who proves our platform works in the real world.
As organizations successfully adopt phishing-resistant MFA, attackers have shifted their tactics—increasingly deploying Adversary-in-the-Middle (AiTM) phishing kits and info-stealer malware to execute session hijacking via cookie theft. Furthermore, with the explosive rise of autonomous AI workloads, securing human identity is no longer enough; we must now protect and govern a fast-growing sprawl of non-human, agentic workflows.
Are you an elite engineer running Okta at a customer organization today? Have you ever configured our platform, pushed Okta Platform Services to their limits, and thought: "If I worked at Okta, I know exactly how we could make this platform better" ?
We are looking for a highly mature, technical leader who is already a deeply experienced, hands-on Okta customer practitioner to drive the technical execution of our Identity Security & Agentic Identity portfolio. In this role, you will transition from being an external customer to becoming the technical cornerstone of the internal "Okta on Okta" team, acting as Customer Zero. Reporting directly to the VP of IAM, you will configure, deploy, and battle-test cutting-edge platform features from Alpha through Early Availability (EA)—giving you the unique leverage to directly shape, influence, and improve the core Okta platform before these solutions scale globally.
Why This Role is Different
If you stay at a traditional customer organization, you can only deploy what we build. In this role, you get to cross the table, become the elite practitioner of a world-class security platform, get early access to cutting-edge features, and directly influence the future of the platform. You will collaborate directly with other top-tier engineers across our customer base and partner with the absolute pioneers of the identity industry to shape the tools you've spent your career using.
What You’ll Be Doing (Platform Execution & Impact)
• The Ultimate "Customer Zero" Platform Practitioner (Alpha to EA): Bring your real-world customer deployment perspective directly into our tenant. Act as the lead hands-on architect configuring and deploying Alpha platform capabilities within Okta’s own corporate IAM tenant. You will serve as the bridge to our core platform product teams, providing the vital, practitioner-level feedback that shapes final platform design.
• AI Agent & Agentic Identity Security: Lead the hands-on architecture and configuration of how the Okta Platform governs non-human, autonomous AI workloads across O4AA (Okta for AI Agents), defining secure authentication, token exchange, and authorization patterns.
• Designing Anti-Session Hijacking Defenses: Build the internal technical deployment blueprints for how Okta DBSSO and Chrome DBSC complement one another, leveraging Okta Identity Engine (OIE) to create an ironclad, layered defense that protects corporate endpoints from token and cookie exfiltration.
• Platform-to-Platform Collaboration: Act as a technical peer and trusted advisor to fellow hands-on practitioners at our customer organizations. You will share your direct, real-world tenant deployment experiences, trade-offs, and lessons learned with the engineers actually building and securing their Okta platforms in the wild.
• Sharing the Playbook: Contribute to our technical content efforts (such as a deep-dive "how-to" video series, co-hosting internal podcasts, or presenting to fellow practitioners in highly focused, interactive roundtable breakout sessions at Oktane) to share the actual deployment architectures, tenant configurations, and technical playbooks we've built.
What You’ll Bring To The Role
• Proven Okta Platform Expertise: Extensive, practical experience managing, configuring, and troubleshooting Okta in complex enterprise production environments. You possess active, hands-on mastery of the Okta Identity Engine (OIE), Directory Integrations, Advanced Policies, Workflows, and Okta Platform APIs— whether you learned this on the job or proved it through certifications.
• Protocol & Threat Literacy: Deep, hands-on knowledge of core protocols: OAuth2/OIDC (especially Token Exchange), SAML, mTLS, JWT, and Model Context Protocol (MCP). Strong technical understanding of modern identity threat vectors (AiTM phishing, info-stealer malware, session hijacking).
• Technical Influence: Serve as an equal technical peer to product management and product engineering, collaborating on feasibility, platform architecture paths, and real-world system behaviors.
• Practitioner Empathy & Communication: Exceptional ability to connect with and speak the language of other hands-on platform engineers and security administrators. You excel at translating highly complex platform configurations into clear, peer-to-peer technical explanations, whether in documentation, video walkthroughs, or collaborative technical workshops.
• Nice To Have: Okta Certified Administrator or Okta Certified Consultant (These are a great plus, but are not r
Salary insight
This posting doesn't disclose pay. Across 6,339 San Francisco jobs with disclosed salaries on ForgeApply, the median is $204k.
Based on live postings with disclosed pay on ForgeApply; refreshed daily. Not an estimate of this employer's offer.
Ready to apply to Okta?
Apply in about a minuteSimilar jobs
- Okta IAM Integration Engineer — Everops · Remote
- Senior Technical Architect, Okta — Okta · Washington, DC
- Cloud Infrastructure Architect, Okta Federal — Okta · Washington, DC
- Principal Technical Consultant, Okta — Okta · Washington, DC
- Principal Classified Systems Architect, Okta Federal — Okta · Washington, DC
- Director, Engineering - Okta Integration Network — Okta · San Francisco, California
- Senior Solutions Engineer, Okta (Mid Atlantic) — Okta · Maryland; Virginia; Washington, DC
- Director, Product Manager - Okta Identity Threat Detection and Response Products — Okta · Bellevue, Washington; Chicago, Illinois; New York, New York; San Francisco, California; Toronto, Ontario, Canada; Washington, DC
More like this: More jobs at Okta · Browse all jobs