Senior Product Security Engineer, Red Team

Senior Security Infrastructure Engineer, Red Team

Within the Product Security team, our Red Team delivers robust security assurance for Okta's products, services, and infrastructure.  You will be the team's dedicated infrastructure and tooling engineer, the first person in this role for a small team of operators. You will work alongside operators but not report through an operator chain; you'll collaborate as a peer focused on a different discipline.

We seek a Staff Security Infrastructure Engineer to own the engineering backbone that enables our operations. This is not a traditional operator role but a dedicated infrastructure, tooling, and automation engineering position embedded within the Red Team.  You will design, build, maintain, and continuously improve the platforms, infrastructure, and custom tooling that our operators depend on to execute engagements.

Your work directly enables the team to operate at a higher maturity level: faster infrastructure deployment, more resilient and OPSEC-aware architecture, automated workflows, and reliable custom tooling, freeing operators to focus on the mission.  Your role will also extend to cultivating stakeholder collaboration and elevating our company’s security posture through strategic engagement and proactive measures.  As the team matures, this role can evolve toward platform leadership, custom capability development, or a hybrid operator/engineer path.

What You Will Do

• Infrastructure Engineering & Automation:
• Own the full lifecycle of red team infrastructure: design, provisioning, configuration, maintenance, and teardown
• Build and maintain Infrastructure-as-Code (IaC) using Terraform (or equivalent) to automate deployment of C2 servers, redirectors, phishing infrastructure, payload-delivery systems, and supporting services.
• Resource and asset lifecycle management through tracking domains, certificates, cloud accounts, recurring expenses, and infrastructure resources; managing acquisition, rotation, and retirement.
• Tooling Development & Maintenance:
• Develop, maintain, and improve custom tools, scripts, and automation to support red team operations (e.g., payload generation pipelines, log aggregation, C2 profile management, infrastructure health checks), providing on-demand infrastructure/tooling support when issues or gaps arise.
• Collaborate closely with operators during engagement planning to understand infrastructure requirements, OPSEC constraints, and operational timelines.
• Building and maintaining a representative test environment for pre-operation validation of tools and tradecraft against a security stack similar to the target.
• Maintaining the team's source code repository with merge/pull request processes, documentation, and code quality standards.
• Ensuring engagement evidence, infrastructure logs, and operational data are centrally collected and accessible for reporting and after-action reviews.
• Contribute to and maintain metrics that demonstrate infrastructure maturity, operational efficiency, and readiness (e.g., deployment time, rebuild time, infrastructure availability during engagements).
• Security & OPSEC:
• Design infrastructure with OPSEC as a first-class requirement: network segmentation, traffic separation between operations, credential management, and access controls 
• Implement and manage secure access to red team infrastructure
• Create and update operational runbooks, infrastructure documentation, and SOPs for the team.
• Maintain clear records of infrastructure ownership and attribution to support deconfliction processes.

What You Bring

Required

• 5+ years of professional experience in infrastructure engineering, DevOps, platform engineering, or a similar role with significant automation responsibilities
• Strong familiarity with Terraform (or equivalent IaC tooling) for multi-cloud infrastructure provisioning and management
• Experience operating in cloud-native, SaaS, or identity-focused environments
• Strong proficiency with configuration management tools (Ansible, or equivalent)
• Proficiency in at least one systems programming or scripting language (Python, Go, Bash) with disciplined development practices (version control, code review, testing, documentation)
• Solid understanding of Linux systems administration, networking fundamentals (DNS, HTTP/S, TCP/IP, proxying, TLS), and cloud platforms (AWS, GCP, or Azure)
• Understanding of OPSEC principles as they apply to offensive infrastructure — you know why redirector chains, domain categorization, traffic separation, and certificate management matter.

Strongly Preferred

• Experience building and maintaining CI/CD pipelines (GitHub Actions, GitLab CI, Jenkins, or similar)
• Familiarity with containerization and orchestration (Docker, Kubernetes) as applicable to tooling and lab environments
• Familiarity with C2 frameworks (Cobalt Strike, Mythic, Sliver, or similar) from an infrastructure and deployment perspective — you don't need to operate them, but you need to understand what operators need from the infrastructure
• Familiarity with detection evasion concepts as they relate to infrastructure (e.g., traffic shaping, hosting provider reputation, certificate transparency)

Nice to Have

• Working knowledge of Blue Team operations and related technologies
• Experience with security tool development (implant development, payload engineering, evasion tooling) — this role can grow in that direction
• Familiarity with Red Team maturity models and how infrastructure/tooling capabilities map to organizational maturity 

Note: This is not an operator role. You will not be the person running hands-on-keyboard engagements as your primary function. While you may participate in operations to understand requirements or provide support, your core mission is ensuring the team's infrastructure, workflows, tooling, and automation are reliable, repeatable, and mature. You are the engineering foundation the operators build on.

#LI-TM

#LI-Hybrid

(P22302_3403905)