• Senior Security Engineer

    OracleOklahoma City, OK 73163

    Job #2749150484

  • Job Description

    The Oracle Cloud Infrastructure (OCI) team can provide you the opportunity to build and operate a suite of massive scale, integrated cloud services in a broadly distributed, multi-tenant cloud environment. OCI is committed to providing the best in cloud products that meet the needs of our customers who are tackling some of the world's biggest challenges.

    We offer unique opportunities for smart, hands-on security engineers with the expertise and passion to solve difficult problems in distributed highly available services and virtual infrastructure. At every level, our engineers have a significant technical and business impact designing and building innovative new systems to power our customer's business critical applications. Our customers run their businesses on our cloud, and our mission is to provide them with the most secure cloud services.

    The OCI Hardware Security group conducts Security assessments of the production hardware that runs our cloud, and develops the requirements for future Networking, Storage, Compute components. We work closely across Oracle, with third party vendors, and with standards organization to influence the next generation of hardware platform security. In addition to defining the best hardware, OCI HW Security knows that platform security also depends on how that hardware is used. To that end, HW Security also works closely with OCI's operations and engineering teams, constantly striving to improve Oracle Cloud's overall operational security posture by defining the supply chain and operational requirements to establish best practices for managing security for every device in our data centers.

    A security-focused engineer at any level can have significant technical and business impact. Come shape the future of one of the largest clouds on earth with us. Overall, the OCI Security Architecture team performs a variety of work ranging from cloud security, application security, vulnerability analysis, threat modeling, and hacking/enterprise network penetration.

    The biggest challenges for the team is the dynamic and fast growth of the business, driving us to improve our systems, tools, and automation to scale to our security expertise several orders of magnitude greater than what we can support today. We understand that software is living and needs investment. The challenge is making the right tradeoffs, communicating those decisions effectively, and crisp execution.

    Candidates should have

    • Bachelor's degree in Electrical Engineering, Computer Science or related field or equivalent experience

    • 5+ years of experience in hardware security architecture / engineering / validation / planning or related area

    • Demonstrated competency in application/product/software/hardware security

    • Must possess expertise in

    • Systems/embedded programming or reverse engineering (c/c++ preferred, x86/ARM programming would be a bonus)

    • Strong linux foundations including but not limited to systems programming, scripting, ability to modify kernel and build forks

    • Network hardware/firmware, topology and security expertise

    • Python programming

    • C/C++/ Java programming

    • Low-Level security vulnerabilities such as root-kits etc.

    • Basic cryptography

    • Hardware security fundamentals such as dealing with common interfaces, reading schematics is highly desirable

    • Basic fuzzing experience

    • Knowledge of trusted computing, root of trust, device sanitization standards are a bonus

    Career Level - IC3

    Responsibilities

    The candidate will be responsible for basic planning, design and build of security systems, applications, environments and architectures.

    Candidates will

    • Oversees the implementation of security systems, applications, environments and architectures and ensures compliance with information security standards and corporate security policies and procedures.

    • Assist in development of incident response capabilities, training, and tool validation.

    • Research, evaluate, track, and manage information security threats and vulnerabilities in the area of hardware and firmware

    • Work with team members and engineers across organizations to verify bug fixes, proof of concepts

    • Create tooling to automate testing of system security parameter settings and other tests as needed

    • Performing fuzzing using current tooling and extend tooling as needed

    • Assist creation of crypto operation ceremonies scripts, conduct ceremonies and perform post processing on secrets generated

    • Review device sanitization solutions to ensure safe disposable/reuse of equipment

    Disclaimer

    Certain US customer or client-facing roles may be required to comply with applicable requirements, such as immunization and occupational health mandates.

    Range and benefit information provided in this posting are specific to the stated locations only

    US: Hiring Range: from $87,000 to $178,200 per annum. May be eligible for bonus and equity.

    Oracle maintains broad salary ranges for its roles in order to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect Oracle's differing products, industries and lines of business.

    Candidates are typically placed into the range based on the preceding factors as well as internal peer equity.

    Oracle US offers a comprehensive benefits package which includes the following

    1. Medical, dental, and vision insurance, including expert medical opinion

    2. Short term disability and long term disability

    3. Life insurance and AD&D

    4. Supplemental life insurance (Employee/Spouse/Child)

    5. Health care and dependent care Flexible Spending Accounts

    6. Pre-tax commuter and parking benefits

    7. 401(k) Savings and Investment Plan with company match

    8. Paid time off: Flexible Vacation is provided to all eligible employees assigned to a salaried (non-overtime eligible) position. Accrued Vacation is provided to all other employees eligible for vacation benefits. For employees working at least 35 hours per week, the vacation accrual rate is 13 days annually for the first three years of employment and 18 days annually for subsequent years of employment. Vacation accrual is prorated for employees working between 20 and 34 hours per week. Employees working fewer than 20 hours per week are not eligible for vacation.

    9. 11 paid holidays

    10. Paid sick leave: 72 hours of paid sick leave upon date of hire. Refreshes each calendar year. Unused balance will carry over each year up to a maximum cap of 112 hours.

    11. Paid parental leave

    12. Adoption assistance

    13. Employee Stock Purchase Plan

    14. Financial planning and group legal

    15. Voluntary benefits including auto, homeowner and pet insurance

    The role will generally accept applications for at least three calendar days from the posting date or as long as the job remains posted.

    About Us

    As a world leader in cloud solutions, Oracle uses tomorrow's technology to tackle today's problems. True innovation starts with diverse perspectives and various abilities and backgrounds.

    When everyone's voice is heard, we're inspired to go beyond what's been done before. It's why we're committed to expanding our inclusive workforce that promotes diverse insights and perspectives.

    We've partnered with industry-leaders in almost every sector-and continue to thrive after 40+ years of change by operating with integrity.

    Oracle careers open the door to global opportunities where work-life balance flourishes. We offer a highly competitive suite of employee benefits designed on the principles of parity and consistency. We put our people first with flexible medical, life insurance and retirement options. We also encourage employees to give back to their communities through our volunteer programs.

    We're committed to including people with disabilities at all stages of the employment process. If you require accessibility assistance or accommodation for a disability at any point, let us know by calling +~~~, option one.

    Disclaimer:

    Oracle is an Equal Employment Opportunity Employer*. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans' status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law.

    *** Which includes being a United States Affirmative Action Employer**