Full Job Description
Are you interested in building large-scale distributed infrastructure for the cloud? Oracle’s Cloud Infrastructure team is building its next generation Cloud IaaS/PaaS/SaaS technologies that operate at high scale in a broadly distributed multi-tenant environment. Our customers run their businesses on our cloud, and our mission is to provide them with outstanding, foundational cloud networking services.
https://cloud.oracle.com/cloud-infrastructure
Our team designs, engineers and operates the security for our best-in-class cloud services. We are reimagining the traditional enterprise thinking of security and crafting an environment suitable for the most fast-paced and security-conscious customers with our new large-scale distributed services. This team is here to protect the customers, protect our cloud and make sure it is best of breed.
We are looking for individuals with experience in threat hunting, determining indicators of compromise (IOCs), incident management, and red team/blue team activities for our IaaS, PaaS and SaaS environments. You will be part of a Detection and Response Team that is responsible for the security monitoring, investigation and reporting of product security incidents for all of the cloud. This includes using tools to investigate, crafting tools/scripts to aid in quick analysis and response, and responding to security events. The position operates and tunes security-supporting tools, provides requirements for new security tools and builds use cases for additional monitoring situations.
If this excites you, come help us deliver the next level of secure cloud computing. These are exciting times in our space – we are growing fast, still at an early stage and working on results-oriented new initiatives. An engineer at any level can have significant technical and business impact.
Responsibilities
Monitor Oracle Cloud Infrastructure for intrusions by performing hunting exercises that use threat intelligence, analysis of anomalous log data, and the results of historical events and data to detect and respond to threats
Develop anomaly detection dashboards and reports to identify potential threats, suspicious activity, and intrusions
Monitor for security indicators by correlating and analysing a variety of application, network and host-based security logs, and identifying accurate remediation actions and critical issue paths for each incident
Develop scripts to support the automation of the detection and incident response process
Evaluate and recommend new and emerging security solutions and technologies
Deliver self-service security metric data of discovery, triage and trending analysis of team findings
Mentor and support junior team members
Lead investigations across a sophisticated set of data and services
Participate in Red/Blue/Purple team activities
Preferred Qualifications
Bachelor’s Degree in Computer Science, Information Assurance, Security, Management Information Systems, Risk Management or equivalent work experience
3-5+ years of related cybersecurity architecture, engineering, or SOC work experience (monitoring, detection, incident response, forensics)
Intermediate scripting using Python, Perl, PowerShell, or an equivalent language
Excellent written and verbal communications, including presentation skills, are important to being successful in this role
Proven ability to effectively connect with all levels of the organization, as well as with external parties
Effectively communicate security concepts with both technical and non-technical individuals
Preferred knowledge of current sophisticated adversary TTPs and experience responding to APT charges
Understanding of host and network Incident Response processes, tasks, and tools
Knowledge of operational security tools and practices (e.g. IDS, firewalls, & 3rd-party security products)
Responsible for the planning, design and build of security architectures; oversees the implementation of network and computer security and ensures compliance with corporate security policies and procedures.
Responsible for basic planning, design and build of security systems, applications, environments and architectures; oversees the implementation of security systems, applications, environments and architectures and ensures compliance with information security standards and corporate security policies and procedures.
Assist in development of incident response capabilities, training, and tool validation.
May research, evaluate, track, and manage information security threats and vulnerabilities in situations where analysis of well-understood information is required and where computer programming/scripting knowledge is required.
May participate in an incident management team, responding to security events in line with Oracle incident response playbooks. Investigates purported intrusions and breaches, and oversees root cause analysis. Coordinates incidents with other business units and may assist the Incident Commander during serious incidents. Participates in developing new methods, and playbooks, as well as basic scripts, applications, and tools.
Research industry trends and constantly assess current controls and threat posture of new and existing products and services.
Recommend and implement new security controls across Oracle’s line of business (LOB).
Improve current processes and workflows to minimize manual efforts.
Minimum of 5 years related experience in an information security role, supporting security programs and security engineering/architecture in complex enterprise environments. Hands on experience with enterprise security architecture, engineering and implementation required.
Knowledge of compliance program security controls, like ISO 27001, SOC 2, HITRUST, and FedRAMP, as applied to cloud SaaS, PaaS and IaaS operations.
Familiarity with SDLC principles and scripting & programming languages (such as Terraform, Python, Ruby, etc.).
Preferred but not required qualifications include:
Bachelor-level university degree in a relevant field from an accredited university, or equivalent.
Experience in developing secure, scalable cloud architectures and distributed systems.
Experience with high-level software design and development and the design, use, and deployment of automation and orchestration frameworks.
Demonstrable scripting or programming experience.
Innovation starts with inclusion at Oracle. We are committed to creating a workplace where all kinds of people can be themselves and do their best work. It’s when everyone’s voice is heard and valued that we are inspired to go beyond what’s been done before. That’s why we need people with diverse backgrounds, beliefs, and abilities to help us create the future, and are proud to be an affirmative-action equal opportunity employer.
Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veteran status, age, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law.