Oracle Principal Security Engineer - Product Security Architecture (JoinOCI-SecGroup) in Bozeman, Montana
Design, develop, troubleshoot and debug software programs for databases, applications, tools, networks etc.
As a member of the software engineering division, you will take an active role in the definition and evolution of standard practices and procedures. You will be responsible for defining and developing software for tasks associated with the developing, designing and debugging of software applications or operating systems.
Work is non-routine and very complex, involving the application of advanced technical/business skills in area of specialization. Leading contributor individually and as a team member, providing direction and mentoring to others. BS or MS degree or equivalent experience relevant to functional area. 7 years of software engineering or related experience.
Oracle is an Affirmative Action-Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability, protected veterans status, age, or any other characteristic protected by law.
Oracle Public Cloud - Security Engineer
Cloud Infrastructure Group (Seattle, WA)
The Oracle Cloud Infrastructure (OCI) team can provide you the opportunity to build and operate a suite of massive scale, integrated cloud services in a broadly distributed, multi-tenant cloud environment. OCI is committed to providing the best in cloud products that meet the needs of our customers who are tackling some of the world s biggest challenges.
We offer unique opportunities for smart, hands-on engineers with the expertise and passion to solve difficult problems in distributed highly available services and virtualized infrastructure. At every level, our engineers have a significant technical and business impact designing and building innovative new systems to power our customer s business critical applications.
Principal Security Engineer - Product Security Architecture
Product Security Architecture assists the engineering organization and partners to build secure products, services, and features. We develop strong Product Security practices, partner with product owners, engineers and executives to ensure new products and features meet the highest security standards. Security is reflected every day in the services we build, our company operates and how we engage with service teams and partners. We are trusted advisers and guide the organization to deliver the most secure cloud in the industry.
Are you interested in securing a large-scale distributed cloud infrastructure and platforms? Oracle's Cloud team is building new IaaS and PaaS technologies that operate at high scale in a broadly distributed and rapidly growing multi-tenant cloud environment. Our mission is to provide our cloud customers with the most secure cloud products and services.
We're looking for hands-on security engineers with expertise and passion in solving difficult security problems in distributed systems, multi-tenant services and large-scale infrastructures. If this is you, at Oracle Cloud you can help design and build innovative new systems from the ground up. These are exciting times in our space - we are growing fast, and working on ambitious new initiatives. A security-focused engineer at any level can make significant technical and business impact.
As a Principal Security Engineer you will work closely with engineers from the various cloud service teams to lead building secure architecture that is fundamentally sound and efficient. Your influence and innovation in design of the full system architecture is critical. You should be familiar with security at all levels of the software, hardware, and network stack; while being exceptionally deep in a few. Intellectual curiosity and an excitement for the challenges of securing complex, massive systems are a must. You should value simplicity and usability as well as security and work comfortably in a collaborative, agile environment.
Things you ll do:
Consult software development teams in design and architecture of secure systems. Collect, identify, and develop best practices, patterns, and anti-patterns for specific security-related problems.
Perform threat modeling exercises and propose technical controls for critical systems, conduct and facilitate technology security reviews including Secure SDLC testing requirements & Identify, prioritize, and help implement security improvements that maximize security while keeping developers productive
Serve as security thought leader for all application security automation. Architect, design, prototype, support, and evaluate security-focused tools and services including project leadership. Assist with triage of findings from security tools. Develop and refine rules and checks for security automation.
Research new security technologies
Identify and understand inherent, systemic high-risk security issues that could lead to security incidents. Architect, design, prototype, support, and validate scalable security solutions to eliminate systemic issues, including project leadership.
Bachelor s degree, Master s degree preferred, (or equivalent experience) in Computer Science or related field
8 years of experience in security engineering or related field
Strong sense of ownership, urgency, and drive
Demonstrable teamwork skills and resourcefulness
Possess self-drive to keep moving things forward even in the face of ambiguity and imperfect knowledge (avoid analysis paralysis )
Sharp analytical abilities and proven design skills
Experience working in a large cloud or Internet software company
Principal security engineer is expected to have experience in multiple security domains, to develop scalable solutions for complex business problems, including project leadership.
Experience with multiple programming languages (such as, Java, C , Ruby, Python, Go, etc.)
Experience in several of the areas:
o Security design and threat modeling
o Security consulting and development of best practices, patterns and anti-patterns, secure-by-default solutions
o Research of new security technologies
o Automation: from prototyping new security tools, evaluating/validating existing security tools, automation, to supporting and improving existing product security tools: SAST, DAST, IAST, RASP, SCA, etc.
o Systemic security issues: identifying, root cause analysis, designing security solutions, including project leadership
o Web application security experience:
Experience with web application vulnerabilities and mitigations beyond the OWASP Top 10
Expert in web browser security
Experience with federation protocols (SAML, OAuth)
o Network security experience:
Building network security architectures for complex global networks
Network and web related protocols such as, TCP/IP, UDP, IPSEC, HTTP, HTTPS,
Routing protocols, such as BGP and route reflectors.
Job: *Product Development
Title: Principal Security Engineer - Product Security Architecture (JoinOCI-SecGroup)
Requisition ID: 20000QM7
Other Locations: US-TX,Texas-Austin, United States