Staff Controls Assurance Analyst

Get to Know Okta

Okta is The World’s Identity Company. We free everyone to safely use any technology—anywhere, on any device or app. Our Workforce and Customer Identity Clouds enable secure yet flexible access, authentication, and automation that transforms how people move through the digital world, putting Identity at the heart of business security and growth.

Join Our Team

We’re building a world where Identity belongs to you. The Security Compliance team’s mission is to strengthen Okta’s position as the leading Identity-as-a-Service solution through a security-first approach to compliance. We are looking for someone with a strong compliance background and experience in the technical implementation of security controls from SOC2, ISO27001, and other international frameworks. The right candidate will have participated in a mature ISMS program and will play a key role in providing customers with confidence in Okta’s leadership in the identity space.

What You’ll Be Doing

The ideal candidate will have hands-on experience with the technical implementation of SOC2 and ISO controls in a cloud-based environment using tools such as AWS, GCP, MongoDB, Splunk, Salesforce, Okta, ServiceNow, JIRA and others. This position requires a unique set of skills including project management, and an eye towards future standards and regulations that will impact our customers. If you’re a self-starter who wants to make a difference in global cloud security, we want you on board.

• Operate continuous security monitoring program
• Perform continuous assurance/controls efficacy validation
• Perform risk-based internal assessments of security control efficacy
• Utilize a common control framework to perpetually validate the Okta security control environment
• Manage issue creation and reporting of deviations based on monitoring and assurance activities
• Communicate with process and control owners to help them understand the audit results, identify remediation options, and prioritize their closure
• Maintaining well documented standard operating procedures for continuous assurance activities
• Identify opportunities for improvement within the Compliance program and build plans to address them.

What You’ll Bring To The Role

• Bachelor’s degree or higher in Computer Science, Management Information Systems or Accounting, or equivalent experience
• Comprehensive understanding of IT Security practices and the Governance, Risk, and Compliance lifecycle
• In-depth knowledge in IT security frameworks and best practices, such as NIST-800 publications, FedRAMP, ISO 27001, CCM, and SOC2 Trust Principles and Criteria
• Experience managing a team of security professionals
• Strong analytical and problem-solving skills and the ability to “think-out-of-the-box”
• Strong oral, written and presentation communication skills
• Able to work independently or with a team

Extra Credit

• Certified Information System Auditor (CISA)
• Certified Information Systems Security Professional (CISSP)
• Certificate of Cloud Security Knowledge (CCSK)
• Familiarity with JIRA and Okta