Join to apply for the Principal Security Researcher role at Oracle.
Get AI-powered advice on this job and more exclusive features.
Job Description
Are you a passionate security researcher with experience assessing large, complex software products? We are looking for talented individuals who are excited about security research and developing creative solutions for some of Oracle’s most critical customers. Finding and combining bugs to create new attacks is essential in this role.
Who We Are
We are a world-class team of application security researchers who love new challenges. We are inclusive and diverse, with a full range of experience and a global reach. We have the resources of a large enterprise and the energy of a start-up, working on a critical software assurance initiative with our cloud and mobile engineering teams. Our mission is to make application security and software assurance a reality, at scale. Join us to grow your career and create the future of software assurance.
Work You’ll Do
As a member of our team, you will be responsible for planning and delivering in-depth security assessments across a variety of products and services. Your projects could include static and dynamic analysis of infrastructure, writing fuzzers for undocumented protocols, or developing new programming language grammars. Responsibilities include:
* Scope and execute security assessments and vulnerability research across on-premise software, cloud services, and infrastructure.
* Perform security assessments using static and dynamic analysis results.
* Create testing tools to identify security weaknesses.
* Collaborate with teams to triage and fix security issues.
What You’ll Bring
* Bachelor’s or Master’s degree in Computer Science, Electrical Engineering, or related field.
* 7+ years of experience in security assessments, penetration testing, red teaming, or web application assessments.
* Aptitude for self-study and achieving long-term goals.
* Ability to assess and communicate risks effectively.
* Excellent organizational and communication skills.
* No security clearance required.
* Flexibility to work in a hybrid model (50%) from Reading office.
Nice to Have
* Proficiency in Go, Java, Python, or C/C++.
* 5+ years of software development experience.
* Manual source code review skills.
* Experience in cybersecurity consulting, vulnerability management, bug bounty hunting, malware analysis, or forensics.
* Certifications like OSCP, OSWE, or interest in obtaining them.
* Experience with large codebases and security assessment tools for mobile, reverse engineering, fuzzing, or web assessments.
* Manual penetration testing skills in multiple areas.
* Knowledge of vulnerabilities, mitigation strategies, and classification frameworks.
* Ability to threat model systems and identify exploitable flaws.
What We’ll Give You
* A diverse, skilled global team.
* Hybrid work environment.
* Exposure to large-scale systems.
* Resources of a large organization with a startup feel.
* Opportunities for skill development and training.
* Competitive benefits and perks.
* Impactful work that improves systems and delights customers.
About Us
As a leader in cloud solutions, Oracle leverages innovative technology to address today’s challenges. We are committed to an inclusive workforce and support community engagement. We offer flexible benefits and are an equal opportunity employer. For accessibility needs, contact accommodation-request_mb@oracle.com or call +1 888 404 2494 (US).
Additional Info
* Seniority level: Mid-Senior level
* Employment type: Full-time
* Job function: Information Technology
* Industries: IT Services and Consulting
#J-18808-Ljbffr