Principal Security Engineer (Vulnerability Management)

Who We Are

We are a world-class team of high-calibre application security researchers and engineers who thrive on new challenges. We are an inclusive and diverse team with a full spectrum of experience, distributed globally. We have the resources of a large enterprise and the energy of a start-up, working on a critical greenfield software assurance project collaboratively with our cloud and mobile engineering teams. The Software Assurance organization's mission is to make application security and software assurance, at scale, a reality. We are a dedicated team, leveraging each other’s insights and abilities to produce cutting-edge solutions to difficult problems through automation and CI/CD. Join us to grow your career and create the future of software assurance at scale together.

What You’ll Bring

  • A minimum of 8 years of experience in the cybersecurity field, with a focus on vulnerability management, cloud security, and security architecture analysis.
  • Strong understanding of vulnerability management processes, remediation workflows, and validation of security findings
  • Experience designing and managing security metrics, dashboards, and reporting for technical and leadership audiences
  • Proven expertise in cloud architecture and security principles, and a thorough understanding of risk management frameworks
  • Hands-on experience integrating data from security tools 
  • Proficiency in developing and implementing security policies and procedures within cloud environments to safeguard against potential threats
  • Ability to effectively assess and communicate risks and appropriate levels of urgency to management and engineering staff
  • Excellent organizational, presentation, verbal, and written communication skills.
  • Must be legally authorized to work in the UK without the need for employer sponsorship, now or at any time in the future
     
Nice to Have

  • Experience automating metrics pipelines using scripting, APIs, or business intelligence platforms.
  • Familiarity with regulatory frameworks (e.g., NIST, ISO 27001, CIS) and how they influence security metrics
  • Prior experience working closely with IT operations, application teams, and others to support remediation and reporting efforts
     
What We’ll Give You

  • A team of very skilled and diverse personnel across the globe
  • Ability to work in a flexible work from home arrangement
  • Exposure to mind-blowing, large-scale, cutting-edge systems
  • The resources of a large, global operation while still having the small, start-up feel of a smaller team day to day
  • Develop new skills and competencies working with our vast cloud product offerings
  • Ongoing extensive training and skills development to further your career aspirations
  • Incredible benefits and company perks
  • An organization filled with smart, enthusiastic, and motivated colleagues
  • The opportunity to impact and improve our systems and delight our customers

Work You’ll Do

As a member of our team, your days will be dynamic and filled with impactful work. You’ll be at the forefront of developing strategies to protect cloud-based systems and services. Your role is pivotal in navigating the evolving landscape of cloud security, where each day brings new challenges and opportunities for innovation. Each project presents a new set of challenges, whether it’s tailoring security solutions for Oracle’s critical customers or navigating the complexities of global compliance requirements. Additional responsibilities include:

  • Develop and refine new or updated vulnerability management and other technical policies and procedures
  • Design, develop, and maintain security metrics and KPIs to measure the effectiveness, maturity, and progress of technical security programs
  • Partner with the SOC, Oracle Cloud Infrastructure (OCI), Offensive Security, and other stakeholders to prioritize and validate the impact of suspected vulnerabilities
  • Advise customers on mitigation strategies and compensating controls while providing accurate and timely reporting that informs remediation progress
  • Validate remediation actions to ensure vulnerabilities are fully resolved
  • Engage in cloud security architecture, design and implementation, providing expert guidance to ensure secure development and deployment practices
  • Focus on continuous process improvement while developing and refining security protocols and response strategies, ensuring they align with current best practices and regulatory requirements
  • Collaborate with OCI and other internal teams to enhance customer security posture
  • Play a key role in design consultations, facilitating meaningful involvement of the security team in project lifecycles and decision-making processes
  • Stay current on emerging threats, vulnerabilities, and industry trends

Career Level - IC4

Location: GB
Job Type: Full Time
