Description The Oracle Cloud Security and Safety team is seeking dedicated security engineers looking to make their mark in a new security domain. The team is committed to bridging the gap between operations and security, creating tooling that empowers engineering and operations teams within Oracle to operate their services without fear of making security impacting mistakes. Oracle Cloud Infrastructure is committed to constantly improving and securing our suite of massive scale, integrated cloud services in a broadly distributed, multi-tenant cloud environment. We are committed to providing the best in cloud products that meet the needs of our customers who are tackling some of the world’s biggest challenges. We offer unique opportunities for smart, hands-on security engineers with the expertise and passion to solve difficult architecture, engineering, and process problems. Our customers run their businesses on our cloud, and our mission is to provide them with the most secure cloud services. Our ideal candidate is a security engineer with expertise and passion in finding and improving areas of weakness, while developing new standards in the security and safe operation of distributed systems, multi-tenant services and large-scale infrastructures. If this is you, joining Oracle Cloud Infrastructure (OCI) will enable you to design and build innovative new security models & systems from the ground up. These are exciting times in our space – we are growing fast and working on ambitious new initiatives. A security-focused engineer at any level can make significant technical and business impact. Responsibilities: Prototype, design, and implement security solutions for new and challenging problems Drive and champion security tool development (e.g. scanning tools) Consult software development teams in design and architecture of safe and secure systems through Threat Modeling and modeling exercises Champion and consult on secure development lifecycle practices Design and integrate verification and posture reporting mechanisms Define security configuration and implementation best practices Requirements: 10 years of experience in security engineering or related field or equivalent experience Experience building automated security solutions Experience operating large, distributed, continuously deployed services LI-DNI Responsibilities Responsible for expert planning, design and build of security systems, applications, environments and architectures; oversees the implementation of security systems, applications, environments and architectures and ensures compliance with information security standards and corporate security policies and procedures. Evaluates existing and proposed technical architectures for security risk, provides expert technical advice to support the design and development of secure architectures and recommends security controls to mitigate those risks. Evaluations of internal security architecture may include design assessment, risk assessment, and threat modeling. Provides expert technical advice and direction to support the design and development of secure architectures. Maintain expert proficiency in emerging trends in information security. Determine the best practices for the large-scale Big Data infrastructure used by some Oracle LOBs, including tooling, data architecture, and content. May lead incident management teams and provide expert level incident management expertise. Coordinates incidents with other business units and may act as incident commander of multiple serious incidents. Leads development of new methods, playbooks and provide thought-leadership related to incident management throughout Oracle. May provide leadership in an incident management team, bringing expert-level skills to respond to security events in line with Oracle incident response playbooks. Investigates purported intrusions and breaches, and oversees root cause analysis. Coordinates incidents with other business units and may act as Incident Commander on multiple serious incidents. Leads development of new methods, and playbooks, as well as highly sophisticated scripts, applications, and tools. Trains and mentors other staff, and may supervise incident management teams. Brings expert-level skills to research, evaluate, track, and manage information security threats and vulnerabilities in situations where in-depth analysis of ambiguous information is required, but no computer programming/scripting knowledge is required. Leads development of highly sophisticated scripts, applications, and tools, and trains others in their use. Focus on operational and strategic level tasks, and provide counsel and guidance to the junior level security operations engineers in the department. LI-DNI Qualifications Career Level - IC5