• Security Architect

    OracleTopeka, KS 66625

    Job #2813306351

  • Job Description

    Security Architect (IC6/Senior IC5)- SaaS Product Security Architecture and Assurance team

    Position Overview

    We are looking for an experienced Product Security/Application Security professional to help guide product security initiatives across Oracle SaaS products. This position is part of SaaS Product Security Architecture and Assurance team under SaaS Cloud Security organization which is responsible for securing enterprise-grade software services on behalf of our 25,000 customers, processing over 60 billion transactions per day.

    As a Product Security architect, you will be performing security reviews and providing hands-on help to development teams to address security issues systematically. We're looking for passionate engineer who is able to consider business impact and risk to Oracle and its customers while dealing with any security issues. You will work a trusted partner with one or more SaaS product development teams, while simultaneously collaborating with your peers in evolving or creating new security patterns or standards to address any security issues/gaps in an efficient way. You will research the product security landscape and help steer product security architecture for solutions that will provide a competitive edge for Oracle SaaS.

    This position requires strong product security and application security experience. It will be highly valuable to have past experience in working in or with product development teams.

    Career Level - IC6

    Responsibilities

    Job Responsibilities

    • You will work closely with development teams for SaaS products and provide security expertise and guidance to product design conversations and implementation decisions.

    • You will work with product teams to comply with Oracle Software Security Assurance (OSSA) Standards during development and release process.

    • You will work with product teams and peers in security operations to analyze and triage security issues, risk and deploy any mitigation or fix quickly

    • You will perform security design reviews for SaaS Products.

    • You will review and assess security posture and CVEs in third party libraries or products.

    • You may focus on a given SaaS product for a period of time (3-6 months) to understand detailed architecture including access to source code and identify problem areas and then guide team to reduce security risk.

    • You may perform source code review for vulnerability fixes by development teams.

    • You may write code to demonstrate proof of concept for fixing security issues.

    • You will have attunement to trends in the broader security industry and specific security challenges of SaaS products and SaaS customers, and help propose systematic solutions to address these.

    • You will influence and create new security standards, patterns or processes to improve product security assurance in an effective way across SaaS.

    • You will promote the technical and culture strategy of an ingrained DevSecOps culture while working with development teams.

    Qualifications

    • Experience in driving, leading and guiding a product security architecture and assurance effort in a large-scale IaaS/PaaS/SaaS Cloud Service Provider, or Fortune 500 company.

    • Bachelor's degree in Computer Science or related field

    • 8+ years of experience in information technology including 5+ years of experience in product security area.

    • Expert knowledge of modern vulnerability types and threats including intelligence, discovery, mitigation, remediation and root cause.

    • Hands-on experience with programming languages such as Java, Python etc.

    • Hands-on experience and knowledge of product development lifecycle in a large enterprise software company.

    • Experience with industry standard frameworks such as OWASP, MITRE, NIST, PCI, FedRAMP, etc.

    • Ability to guide and engage individuals and development teams located across multiple geographies and or cultures.

    • Demonstrated knowledge of Oracle Cloud, AWS, Azure or Google Cloud is highly desirable

    • Excellent written and verbal communication skills

    Preferred Experience

    • Experience as a Security Lead or Lead Security Point of Contact (SPOC).

    • Understanding of Oracle Software Security Assurance (OSSA) Standards

    • Experience in developing or supporting cloud/enterprise security products including WAF, Identity and Access Management.

    Disclaimer

    Certain US customer or client-facing roles may be required to comply with applicable requirements, such as immunization and occupational health mandates.

    Range and benefit information provided in this posting are specific to the stated locations only

    US: Hiring Range: from $161,600 to $338,600 per annum. May be eligible for bonus, equity, and compensation deferral.

    Oracle maintains broad salary ranges for its roles in order to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect Oracle's differing products, industries and lines of business.

    Candidates are typically placed into the range based on the preceding factors as well as internal peer equity.

    Oracle US offers a comprehensive benefits package which includes the following

    1. Medical, dental, and vision insurance, including expert medical opinion

    2. Short term disability and long term disability

    3. Life insurance and AD&D

    4. Supplemental life insurance (Employee/Spouse/Child)

    5. Health care and dependent care Flexible Spending Accounts

    6. Pre-tax commuter and parking benefits

    7. 401(k) Savings and Investment Plan with company match

    8. Paid time off: Flexible Vacation is provided to all eligible employees assigned to a salaried (non-overtime eligible) position. Accrued Vacation is provided to all other employees eligible for vacation benefits. For employees working at least 35 hours per week, the vacation accrual rate is 13 days annually for the first three years of employment and 18 days annually for subsequent years of employment. Vacation accrual is prorated for employees working between 20 and 34 hours per week. Employees working fewer than 20 hours per week are not eligible for vacation.

    9. 11 paid holidays

    10. Paid sick leave: 72 hours of paid sick leave upon date of hire. Refreshes each calendar year. Unused balance will carry over each year up to a maximum cap of 112 hours.

    11. Paid parental leave

    12. Adoption assistance

    13. Employee Stock Purchase Plan

    14. Financial planning and group legal

    15. Voluntary benefits including auto, homeowner and pet insurance

    The role will generally accept applications for at least three calendar days from the posting date or as long as the job remains posted.

    About Us

    As a world leader in cloud solutions, Oracle uses tomorrow's technology to tackle today's problems. True innovation starts with diverse perspectives and various abilities and backgrounds.

    When everyone's voice is heard, we're inspired to go beyond what's been done before. It's why we're committed to expanding our inclusive workforce that promotes diverse insights and perspectives.

    We've partnered with industry-leaders in almost every sector-and continue to thrive after 40+ years of change by operating with integrity.

    Oracle careers open the door to global opportunities where work-life balance flourishes. We offer a highly competitive suite of employee benefits designed on the principles of parity and consistency. We put our people first with flexible medical, life insurance and retirement options. We also encourage employees to give back to their communities through our volunteer programs.

    We're committed to including people with disabilities at all stages of the employment process. If you require accessibility assistance or accommodation for a disability at any point, let us know by calling +~~~, option one.

    Disclaimer:

    Oracle is an Equal Employment Opportunity Employer*. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans' status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law.

    *** Which includes being a United States Affirmative Action Employer**