Senior Director, Defensive Cyber Operations

We safeguard Okta from threats and vulnerabilities that have the potential to disrupt our business or degrade our customers’ trust in us.

In addition to driving security in our enterprise environment and Okta service, the Security team is deeply entrenched in the Okta business. The team contributes to product roadmaps, promoting trust, research and other strategic aspects of Okta’s operations. We work across multiple functions, business partners and the research community. We are an engineering-focused team that seeks to stay on the cutting edge of security technology and the threat landscape.

The Role

Okta is seeking an experienced Senior Director of Defensive Cyber Operations to lead our global threat detection and incident response efforts. Reporting to the VP of Cyber Defense, this role is responsible for safeguarding Okta’s product and enterprise environments by overseeing a global cybersecurity team distributed across Asia Pacific and Japan (APJ), Europe, and North America. The Senior Director will drive the strategic vision, operational execution, and continuous enhancement of our threat detection and incident response capabilities.

This leadership position requires a technical and operational expert with extensive experience in modern threat detection and incident response practices. The ideal candidate will be adept at managing large, distributed teams and capable of making high-stakes decisions in fast-paced, complex environments.

The successful candidate will report directly to the VP of Cyber Defense in Okta’s Security team. 

Core Responsibilities

Leadership, Collaboration & Strategy

• Lead a global team of cybersecurity professionals who develop innovative detection capabilities, hunt for suspicious activity, monitor alerts and escalations, respond to cybersecurity incidents across APJ, Europe, and North America.
• Foster a culture of excellence, collaboration, and continuous improvement within the team, providing mentorship, performance management, and career development opportunities.
• Define the next iteration of Okta’s global strategy and vision for threat detection and incident response capabilities, ensuring alignment with the broader cyber defense and business strategies.
• Partner with engineering, product, IT, and compliance teams to ensure security monitoring and response processes are integrated into Okta’s product lifecycle and enterprise infrastructure.
• Lead continuous improvement initiatives to strengthen Okta’s cyber defense posture, leveraging automation and advanced analytics.
• Ensure the team is prepared for emerging threats through regular participation in purple team exercises and development and execution of tabletop simulations.
• Act as a trusted cybersecurity advisor to senior leadership, providing regular briefings on detection and response metrics, incident post-mortems, and overall security posture.
• Collaborate with the Legal, People, and Compliance teams on investigations, regulatory reporting, and security-related audits.

Threat Hunting

• Develop and oversee the execution of proactive threat hunting programs to identify and mitigate advanced persistent threats (APTs) and sophisticated adversaries targeting Okta’s infrastructure.
• Collaborate with the Threat Analysis & Research team to integrate threat intelligence and adversarial engineering into detection and response efforts, staying ahead of new and emerging cyber threats.
• Establish metrics and reporting to demonstrate the effectiveness and coverage of threat-hunting activities.

Threat Detection & Monitoring

• Maintain and prioritize technical and non-technical requirements for the detection and response function, liaising with key business partners to ensure the timely and effective delivery of required technologies, access and shared processes.
• Prioritize detection opportunities and ensure a robust detection development process with an ongoing quality assurance program in order to maintain an effective suite of detection capabilities.
• Collaborate with the Defensive Cyber Engineering, Threat Analysis & Research, and Insider Threat teams to ensure continuous tuning and improvement of detection capabilities based on evolving threat landscapes.
• Drive automation and orchestration of security operations to optimize response times and reduce manual processes.

Incident Response

• Lead the global response to cybersecurity incidents, ensuring minimal disruption to business operations.
• Develop and maintain an appropriate set of documents such as processes and communication protocols to handle both routine and complex cybersecurity incidents.
• Serve as the escalation point for high-severity incidents and crisis situations, providing direction and executive-level communication throughout the incident lifecycle.
• Leverage and enhance internal processes to turn lessons learned into actionable objectives to further secure Okta’s environments and educate our employees through collaboration with relevant stakeholders across the organization.

Reporting & Metrics

• Establish and track key performance indicators (KPIs) to measure the effectiveness and efficiency of detection and response operations.
• Provide executive-level reporting on security incidents, threat trends, and operational metrics, with recommendations for continuous improvement.

What does it take?

You’re a leader. People want to work with you and for you. You know what it takes to build a world-class detection and response program and you’re passionate about helping make ours stronger.  

You’re a team player. You have great communications skills and a thirst for knowledge. You understand the motivations of malicious actors and how they seek to target and compromise modern zero trust environments and platforms and cloud environments. You’re experienced and passionate about building detection and response programs and you’re excited at the prospect of doing so in a company that protects millions of users’ online lives every day. You’re security-minded but also pragmatic, and have a demonstrated ability to weigh and measure risk appropriately. You’re calm under pressure and have a good internal compass for taking calculated risks. 

Requirements

• A degree in a relevant field would be beneficial but is not required. We value real-world experience and demonstrable skills in cyber threat detection, investigations, and response.
• Minimum of 12 years of relevant experience, with a proven track record of successfully leading teams of 25+ employees distributed across the globe, building and implementing detection and response capabilities, and leading the response to large scale, publicly acknowledged incidents.
• Ability to handle sensitive information with a high degree of integrity and discretion

• Builds Effective Teams: Building strong-identity teams that apply their diverse skills and perspectives to achieve common goals.          
• Demonstrates Self-Awareness (EQ): Using a combination of feedback and reflection to gain productive insight into personal strengths and weaknesses.
• Develops Talent: Developing people to meet both their career goals and the organization’s goals.
• Drives Results: Consistently achieving results, even under tough circumstances.
• Strategic Mindset: Seeing ahead to future possibilities and translating them into breakthrough strategies.