Oracle Sr Principal Security Engineer - Product Security Architecture (JoinOCI-SecGroup)) in Indianapolis, Indiana
Design, develop, troubleshoot and debug software programs for databases, applications, tools, networks etc.
As a member of the software engineering division, you will take an active role in the definition and evolution of standard practices and procedures. Define specifications for significant new projects and specify, design and develop software according to those specifications. You will perform professional software development tasks associated with the developing, designing and debugging of software applications or operating systems.
Provide leadership and expertise in the development of new products/services/processes, frequently operating at the leading edge of technology. Recommends and justifies major changes to existing products/services/processes. BS or MS degree or equivalent experience relevant to functional area. 8 or more years of software engineering or related experience.
This is a remote/office based position which may be performed anywhere in the United States except for within the state of Colorado.
Oracle is an Affirmative Action-Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability, protected veterans status, age, or any other characteristic protected by law.
Senior Principal Security Engineer – Product Security Architecture
Cloud Engineering Infrastructure Development
/At Oracle Cloud Infrastructure (OCI), we build the future of the cloud for Enterprises as a diverse team of fellow creators and inventors. We act with the speed and attitude of a start-up, with the scale and customer-focus of the leading enterprise software company in the world./
/Values are OCI’s foundation and how we deliver excellence. We strive for equity, inclusion, and respect for all. We are committed to the greater good in our products and our actions. We are constantly learning and taking opportunities to grow our careers and ourselves. We challenge each other to stretch beyond our past to build our future./
/You are the builder here. You will be part of a team of really smart, motivated, and diverse people and given the autonomy and support to do your best work. It is a dynamic and flexible workplace where you’ll belong and be encouraged./
We offer unique opportunities for smart, hands-on security engineers with the expertise and passion to solve difficult problems in distributed highly available services and virtual infrastructure. At every level, our engineers have a significant technical and business impact designing and building innovative new systems to power our customer’s business critical applications. Our customers run their businesses on our cloud, and our mission is to provide them with the most secure cloud services.
Product Security Architecture assists the engineering organization and partners to build secure products, services, and features. We develop strong Product Security practices, collaborate with product owners, engineers and executives to ensure new products and features meet the highest security standards. Security is reflected every day in the services we build, our company operates and how we engage with service teams and partners. We are trusted advisers and guide the organization to deliver the most secure cloud in the industry.
Who are we looking for?
We are looking for hands-on security engineers with expertise and passion in solving difficult security problems in distributed systems, multi-tenant services and large-scale infrastructures. If this is you, at Oracle Cloud you can help design and build innovative new systems from the ground up. These are exciting times in our space - we are growing fast, and working on ambitious new initiatives. A security-focused engineer at any level can make significant technical and business impact.
As a Principal Security Engineer, you will work closely with engineers from the various cloud service teams to lead building secure architecture that is fundamentally sound and efficient. Your influence and innovation in design of the full system architecture is critical. You should be familiar with security at all levels of the software, hardware, and network stack; while being exceptionally deep in a few. Intellectual curiosity and an excitement for the challenges of securing complex, massive systems are necessary. You should value simplicity and usability as well as security and work comfortably in a collaborative, agile environment.
Consult software development teams in design and architecture of secure systems. Collect, identify, and develop best practices, patterns, and anti-patterns for specific security-related problems.
Perform threat modeling exercises and propose technical controls for critical systems, conduct and facilitate technology security reviews including Secure SDLC testing requirements & Identify, prioritize, and help implement security improvements that maximize security while keeping developers productive
Serve as security thought leader for all application security automation. Architect, design, prototype, support, and evaluate security-focused tools and services including project leadership. Assist with triage of findings from security tools. Develop and refine rules and checks for security automation.
Research new security technologies
Identify and understand inherent, systemic high-risk security issues that could lead to security incidents. Architect, design, prototype, support, and validate scalable security solutions to eliminate systemic issues, including project leadership.
Bachelor’s degree, Master’s degree preferred, (or equivalent experience) in Computer Science or related field
10 years of experience in security engineering or related field
Strong sense of ownership, urgency, and drive
Demonstrable teamwork skills and resourcefulness
Possess self-drive to keep moving things forward even in the face of ambiguity and imperfect knowledge (avoid “analysis paralysis”)
Sharp analytical abilities and proven design skills
Experience working in a large cloud or Internet software company
Principal security engineer is expected to have experience in multiple security domains, to develop scalable solutions for complex business problems, including project leadership.
Experience with multiple programming languages (such as, Java, C , Ruby, Python, Go, etc.)
Experience in several of the areas:
o Security design and threat modeling
o Security consulting and development of best practices, patterns and anti-patterns, secure-by-default solutions
o Research of new security technologies
o Automation: from prototyping new security tools, evaluating/validating existing security tools, automation, to supporting and improving existing product security tools: SAST, DAST, IAST, RASP, SCA, etc.
o Systemic security issues: identifying, root cause analysis, designing security solutions, including project leadership
o Web application security experience:
Experience with web application vulnerabilities and mitigations beyond the OWASP Top 10
Expert in web browser security
Experience with federation protocols (SAML, OAuth)
o Network security experience:
Building network security architectures for complex global networks
Network and web related protocols such as, TCP/IP, UDP, IPSEC, HTTP, HTTPS,
Routing protocols, such as BGP and route reflectors.
Job: *Product Development
Title: Sr Principal Security Engineer - Product Security Architecture (JoinOCI-SecGroup))
Requisition ID: 21000CU7
Other Locations: US-TX,Texas-Austin, United States
- Oracle Jobs