Vacancy expired!
Job DescriptionResponsible for the planning, design and build of security architectures; oversees the implementation of network and computer security and ensures compliance with corporate security policies and procedures.Responds to security events, identifying possible intrusions and responding in line with Oracle incident response playbooks.Assist in development of incident response capabilities, training, and tool validation.Research industry trends and constantly assess current controls and threat posture of new and existing products and services.Assists with basic planning, design and build of security systems, applications, environments and architectures.Assist with the review and development of internal standards, guidelines, processes, and procedures and end-user guidelines and procedures.Minimum of 2 years related experience as a security engineer, analyst, architect, consultant, or developer required.Strong knowledge of security principles (network, database, infrastructure, application, and cloud), vulnerabilities, attack and defense methodologies, and a strong drive to continue to learn.Familiarity with SDLC principles and scripting & programming languages (such as Terraform, Python, Ruby, etc.).General knowledge of security frameworks (like CIS, OWASP, and NIST) and regulatory frameworks (like PCI DSS, HIPAA, and FedRAMP).Preferred but not required qualifications include: Bachelor's degree in Computer Science. Experience with high-level software design and development and the design, use, and deployment of automation and orchestration frameworks. Demonstrable scripting or programming experience.If you are a Colorado resident, Please Contact us or Email us at oracle-salary-inquiriesus@oracle.com to receive compensation and benefits information for this role. Please include this Job ID: 181261 in the subject line of the email.ResponsibilitiesThe Team:Want to take your career to the next level while having fun and working in a small, agile, and inquisitive team? Do you like breaking and securing code?Our team is at the forefront of improving the security posture of Oracle offerings. We are not only invested in finding security vulnerabilities but also making sure they are fixed accurately and do not happen again. We value people who can use their skills and share their expertise to effect meaningful change both at the technical level as well as the process level. Our team members have a genuine excitement for and curiosity about security, as well as the desire to share knowledge and help everyone learn from the high technical and ethical standards that have been set.The Company:Oracle is the world’s leading provider of business software. With a presence in over 175 countries, we are one of the biggest technology companies in the world. We're using innovative new technologies to take on real-world problems today! From advancing energy efficiency to reimagining online commerce, the work we do is not only redefining the world of business, it's helping advance governments, power nonprofits, and giving billions of people the tools they need to outpace change. For more information about Oracle (NYSE:ORCL), visit us at https://www.oracle.com.What You'll Do:Your next project could be anything from static and dynamic analysis of a multi-node Java infrastructure, to writing a fuzzer for an undocumented network protocol or the grammar of a new programming language, to analysis and reverse engineering of firmware used in the thousands of servers supporting our cloud services. Creativity is highly valued; being able to find novel bugs and stitch them together to build something greater than the sum of their parts is essential in this role.Scope and complete security assessments across a broad range of mobile, web, cloud services and cloud infrastructure code.
Perform in-depth security assessments using results from static and dynamic analysis.
Build testing tools to help engineering teams identify security-related weaknesses.
Collaborate with senior security researchers to determine impact, reporting and presentation of security issues you have identified.
What You'll Bring (Objective Minimum Qualifications):To be considered for a role in our Software Assurance team, you need to meet these minimum qualifications; please ensure your application clearly addresses these qualifications:Have a Master’s or PhD degree in Computer Science, Cybersecurity or an equivalent science/engineering field by June 2023.
Have no more than 12 months of professional full-time work experience in the technology field (excluding internships, research and/or teaching assistant roles, and military experience).
Reside in the United States and/or attend a university in the US.
Able to obtain own work authorization in the US in 2023.
Are proficient (e.g. able to complete coding projects with no assistance) in at least one of the following programming languages: Go, Java, Python, C/C Have completed academic coursework, projects, internships, and/or research in Application Security, Cybersecurity and/or Information Security.
Have completed academic coursework, projects, internships, and/or research in at least one of the following areas: Application Security, Web/Mobile/Cloud Security, Ethical Hacking, Penetration Testing.
Are familiar with application security projects (e.g. OWASP Top 10) or tools (e.g. ZAP, Burp) through academic coursework, projects, internships, and/or research.
Other Preferred Qualifications:Experience working in an Agile development environment.
Strong ethics and understanding of ethics in information security.
Ability to perform manual source code reviews in one of the aforementioned languages, or assisted review with code analysis tools such as CodeQL.
Knowledge of common vulnerabilities in different types of software and programming languages, including:
How to test for/exploit them
Real world mitigations that can be applied.
Some familiarity with using common security assessment tools and techniques in one or more the following categories:
Mobile Application Assessment (iOS / Android)
Reverse Engineering (e.g. IDA Pro/Ghidra/Radare2)
Fuzzing (e.g. Jazzer/AFL/Peach)
Web Application assessment (e.g. BurpSuite Proxy, ZAP, REST API testing)
Familiarity with vulnerability classification frameworks (e.g. OWASP Top 10).
Capable of working independently while supporting a team environment.
Ability to efficiently handle multiple tasks.
Strong communication skills in English.
What We’ll Give You:A team of very skilled and diverse personnel across the globe.
Opportunities for further education in software development and software security.
Experience to work in large enterprise codebases and systems for performing security analysis.
About UsDiversity and Inclusion:An Oracle career can span industries, roles, Countries and cultures, giving you the opportunity to flourish in new roles and innovate, while blending work life in. Oracle has thrived through 40+ years of change by innovating and operating with integrity while delivering for the top companies in almost every industry.In order to nurture the talent that makes this happen, we are committed to an inclusive culture that celebrates and values diverse insights and perspectives, a workforce that inspires thought leadership and innovation. .Oracle offers a highly competitive suite of Employee Benefits designed on the principles of parity, consistency, and affordability. The overall package includes certain core elements such as Medical, Life Insurance, access to Retirement Planning, and much more. We also encourage our employees to engage in the culture of giving back to the communities where we live and do business.At Oracle, we believe that innovation starts with diversity and inclusion and to create the future we need talent from various backgrounds, perspectives, and abilities. We ensure that individuals with disabilities are provided reasonable accommodation to successfully participate in the job application, interview process, and in potential roles. to perform crucial job functions.That’s why we’re committed to creating a workforce where all individuals can do their best work. It’s when everyone’s voice is heard and valued that we’re inspired to go beyond what’s been done before.Disclaimer:Certain US customer or client-facing roles may be required to comply with applicable requirements, such as immunization and occupational health mandates.Oracle is an Equal Employment Opportunity Employer . All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans’ status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law. Which includes being a United States Affirmative Action Employer
Vacancy expired!