Oracle Principal Security Engineer - Product Security
Architecture (JoinOCI-SecGroup) in Cambridge , Massachusetts
Design, develop, troubleshoot and debug software programs for
databases, applications, tools, networks etc.
As a member of the software engineering division, you will take
an active role in the definition and evolution of standard
practices and procedures. You will be responsible for defining and
developing software for tasks associated with the developing,
designing and debugging of software applications or operating
Work is non-routine and very complex, involving the application
of advanced technical/business skills in area of specialization.
Leading contributor individually and as a team member, providing
direction and mentoring to others. BS or MS degree or equivalent
experience relevant to functional area. 7 years of software
engineering or related experience.
Oracle is an Affirmative Action-Equal Employment Opportunity
Employer. All qualified applicants will receive consideration for
employment without regard to race, color, religion, sex, national
origin, sexual orientation, gender identity, disability, protected
veterans status, age, or any other characteristic protected by
Oracle Public Cloud - Security Engineer
The Oracle Cloud Infrastructure (OCI) team can provide you the
opportunity to build and operate a suite of massive scale,
integrated cloud services in a broadly distributed, multi-tenant
cloud environment. OCI is committed to providing the best in cloud
products that meet the needs of our customers who are tackling some
of the world s biggest challenges.
We offer unique opportunities for smart, hands-on engineers with
the expertise and passion to solve difficult problems in
distributed highly available services and virtualized
infrastructure. At every level, our engineers have a significant
technical and business impact designing and building innovative new
systems to power our customer s business critical applications.
Principal Security Engineer - Product Security Architecture
Product Security Architecture assists the engineering
organization and partners to build secure products, services, and
features. We develop strong Product Security practices, partner
with product owners, engineers and executives to ensure new
products and features meet the highest security standards. Security
is reflected every day in the services we build, our company
operates and how we engage with service teams and partners. We are
trusted advisers and guide the organization to deliver the most
secure cloud in the industry.
Are you interested in securing a large-scale distributed cloud
infrastructure and platforms? Oracle's Cloud team is building new
IaaS and PaaS technologies that operate at high scale in a broadly
distributed and rapidly growing multi-tenant cloud environment. Our
mission is to provide our cloud customers with the most secure
cloud products and services.
We're looking for hands-on security engineers with expertise and
passion in solving difficult security problems in distributed
systems, multi-tenant services and large-scale infrastructures. If
this is you, at Oracle Cloud you can help design and build
innovative new systems from the ground up. These are exciting times
in our space - we are growing fast, and working on ambitious new
initiatives. A security-focused engineer at any level can make
significant technical and business impact.
As a Principal Security Engineer you will work closely with
engineers from the various cloud service teams to lead building
secure architecture that is fundamentally sound and efficient. Your
influence and innovation in design of the full system architecture
is critical. You should be familiar with security at all levels of
the software, hardware, and network stack; while being
exceptionally deep in a few. Intellectual curiosity and an
excitement for the challenges of securing complex, massive systems
are a must. You should value simplicity and usability as well as
security and work comfortably in a collaborative, agile
Consult software development teams in design and architecture of
secure systems. Collect, identify, and develop best practices,
patterns, and anti-patterns for specific security-related
Perform threat modeling exercises and propose technical controls
for critical systems, conduct and facilitate technology security
reviews including Secure SDLC testing requirements & Identify,
prioritize, and help implement security improvements that maximize
security while keeping developers productive
Serve as security thought leader for all application security
automation. Architect, design, prototype, support, and evaluate
security-focused tools and services including project leadership.
Assist with triage of findings from security tools. Develop and
refine rules and checks for security automation.
Research new security technologies
Identify and understand inherent, systemic high-risk security
issues that could lead to security incidents. Architect, design,
prototype, support, and validate scalable security solutions to
eliminate systemic issues, including project leadership.
Bachelor s degree, Master s degree preferred, (or equivalent
experience) in Computer Science or related field
8 years of experience in security engineering or related
Strong sense of ownership, urgency, and drive
Demonstrable teamwork skills and resourcefulness
Possess self-drive to keep moving things forward even in the
face of ambiguity and imperfect knowledge (avoid analysis paralysis
Sharp analytical abilities and proven design skills
Experience working in a large cloud or Internet software
Principal security engineer is expected to have experience in
multiple security domains, to develop scalable solutions for
complex business problems, including project leadership.
Experience with multiple programming languages (such as, Java, C
, Ruby, Python, Go, etc.)
Experience in several of the areas:
o Security design and threat modeling
o Security consulting and development of best practices,
patterns and anti-patterns, secure-by-default solutions
o Research of new security technologies
o Automation: from prototyping new security tools,
evaluating/validating existing security tools, automation, to
supporting and improving existing product security tools: SAST,
DAST, IAST, RASP, SCA, etc.
o Systemic security issues: identifying, root cause analysis,
designing security solutions, including project leadership
o Web application security experience:
Experience with web application vulnerabilities and mitigations
beyond the OWASP Top 10
Experience with federation protocols (SAML, OAuth)
o Network security experience:
Building network security architectures for complex global
Network and web related protocols such as, TCP/IP, UDP, IPSEC,
Routing protocols, such as BGP and route reflectors.
Job: *Product Development
Title: Principal Security Engineer - Product Security
Requisition ID: 20000QM7
Other Locations: US-TX,Texas-Austin, United States
USA Cares exists to help bear the burdens of service by
providing post-9/11 military families with financial and advocacy
support in their time of need.
USA Cares is a national 501(c)(3) non-profit, charitable
organization based in Kentucky and registered with the IRS.