Senior IT Security Analyst
Posted: February 03, 2017
Reference ID: 170004OX
Are you interested in delivering large-scale distributed infrastructure for the cloud? Oracle's Cloud Infrastructure team is building new Infrastructure-as-a-Service technologies that operate at high scale in a broadly distributed multi-tenant cloud environment. Our customers run their businesses on our cloud, and our mission is to provide them with best in class compute, storage, networking, database, security, and an ever expanding set of foundational cloud-based services.
We're looking for hands-on security operations engineers with expertise and passion for solving difficult security problems in distributed, multi-tenant services and infrastructure. If this is you, at Oracle you can be a part of building innovative new systems from the ground up.
These are exciting times in our space - we are growing fast, still at an early stage, and working on ambitious new initiatives. A security-focused engineer at any level can have significant technical and business impact.
As a Security Operations Engineer you will focus on the security of our production infrastructure. You will work closely with other operations engineers, application security engineers, and software development engineers from various cloud services teams to ensure our systems are built securely and remain secure throughout their lifecycle. You should be familiar with security at all levels - including software, hardware, network, and the physical data center - while having considerable depth in at least one. Intellectual curiosity, leadership skills, and personal excitement for the challenges of securing complex, massive systems is a must. You should value simplicity and usability as well as security and work comfortably in a collaborative, agile environment. You must be able to learn quickly in order to ramp up on what we've built so far and to keep pace with our rapid iteration. Mature security and operational decision making is a must. You'll be be expected to make high-value calls that affect the delivering of our systems.
Things you'll do:
* Penetration testing
* Hardening of network, software and firmware
* Security Vulnerability scanning
* Security metrics definition and tracking
* Security issue triage and compliance tracking
* Participate in cross team incident response efforts
* Develop and interpret security policies and procedures
* Evaluate and recommend new and emerging security products and technologies
* Stay informed of new and emerging threats and evaluate their impact to the organization
* Digital forensics
This position requires periodic on-call responsibilities.
Desired skills & experience:
* Bachelor's or Master's degree in Computer Science or related field, or equivalent experience
* 4 years of experience in security engineering, penetration testing, and/or technical operations (with at least 2 of those years in a security-related role)
* Experience working in a large cloud or Internet software company preferred
* Prior DevOps or continuous delivery and deployment experience preferred
* Excellent troubleshooting and problem solving skills
* Extensive hands-on knowledge of system administration and Linux/UNIX operating systems
* Proficiency in one or more modern programming languages (Java, C , Ruby, Python, Perl, etc.)
* Knowledge of operational security tools and practices (e.g. IDS, firewalls, & 3rd-party security products)
* Understanding of web services, distributed systems, and web application development
* Ability to accurately assess and communicate risks and appropriate levels of urgency to management and engineering staff
* Ability to effectively juggle many tasks and projects in a fast-moving environment
* Excellent organizational, verbal and written communication skills
* Ability to both work independently with minimal direction and to collaborate effectively with local and remote teams
* A strong customer focus
The preferred location for this position is one of the Oracle Cloud Dev Centers in Seattle WA or Oakland CA.
Executes security controls to prevent hackers from infiltrating company information or jeopardizing e-commerce programs.
Researches attempted efforts to compromise security protocols. Maintains security systems for routers and switches. Administers security policies to control access to systems. Maintains the company's firewall. Uses applicable encryption methods. Provides information to management regarding the negative impact on the business caused by theft, destruction, alteration or denial of access to information.
Leading contributor individually and as a team member, providing direction and mentoring to others. Work is non-routine and very complex, involving the application of advanced technical/business skills in area of specialization. Prefer 8 years relevant experience and BA/BS degree.
Oracle will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of San Francisco's Fair Chance Ordinance.
Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans status or any other characteristic protected by law.