Product Security RoleWho We Are
At Oracle Data Cloud (ODC) we unlock hidden potential with data. In the fast-paced world of digital advertising, ODC has built its legacy on finding the signal through the noise. Whatever corner of the industry you're in: brands, agencies, publishers, or technology platforms, we bring together data and technology that helps you better understand your audience, where to best engage them, and how to measure it all.What We're Looking For
ODC is looking for a Principal Product Security Engineer that has deep experience with a variety of programming languages, an in depth understanding of software development processes and experience securing products in an Agile development environment. This individual will report to the Chief Security Officer of Oracle Data Cloud.
In an average day, you will review code for security flaws, commit enhancements to new or existing code, sit with development teams and engineers, and help to educate developers about security best practices according to Oracle standards and guidelines. It is important to be comfortable writing and checking in code, analyzing output from SAST/DAST tooling, also have a strong understanding of software security vulnerabilities. As such, this is a technical role and involves hands-on application of software security.Core
- You are passionate about security, like learning new things and are comfortable making decisions in situations of uncertainty.
- Demonstrate initiative by suggesting modifications to existing tools or technologies or developing new tools that improve security for the business.
- Experience working in an Agile/SAFe development environment and communicating the value of security to developers or other engineers.
- Use your deep technical experience to guide discussions, designs and planning in a collaborative environment with multiple stakeholders.
Automation and cloud
- Strong background in software security, including assessments, patching, filtering, SDLC and best practices.
- Understanding of CVEs, vulnerabilities, triage, and prioritization.
- Ability to identify configuration flaws, and how adversaries might leverage them.
- Experience securing REST APIs and web services.
- Experience using and implementing SAST / DAST tools such as Fortify, Veracode, Checkmarx, or other similar tools.
- Familiarity with software library vulnerability scanning and tracking tools such as BlackDuck, Whitesource, and so on.
Security research and metrics
- Experience working in large scale cloud environments such as AWS, OCI, and others.
- Background with data including Spark, Hadoop, and traditional databases such as MySQL.
- Use your experience with DevSecOps, CI/CD, Containers and microservices to insert security into our build and deployment processes. We are looking for individuals who know how to use tools like CloudFormation, Terraform, GitLab, Docker and Kubernetes.
- Comfortable implementing security on high-volume, low-latency Internet solutions. We have real-time API's that receive over 10 billion requests per day from our partners and clients.
Come Join Our Team
- Background training or coaching engineering teams in security best practices.
- Have experience writing code to automate security processes or build security tooling.
- Ability to define and produce metrics.
- Assist other teams in making product security operational.
- You are comfortable juggling multiple projects and can self-prioritize as needed.
- Keep up to date with existing and emerging security technologies that can be adopted at ODC.
It's not every day you find an organization with more than 1,500 people that acts like a start-up. When you join Oracle Data Cloud, you're more than just an employee - you are part of a team. If you are the type of person who likes being hands on, wants to help secure software and are deeply passionate about security we want to talk to you.Benefits and Perks
Comprehensive Medical/Dental/Vision, 401k match, ESPP, Equity, Casual work environment, Flexible schedules, Game / break rooms, Maternity & Paternity programs, Collaborative offices, Referral programs and Training opportunities.Detailed Description and Job Requirements
Design, develop, troubleshoot and debug software programs for databases, applications, tools, networks etc.
As a member of the software engineering division, you will take an active role in the definition and evolution of standard practices and procedures. You will be responsible for defining and developing software for tasks associated with the developing, designing and debugging of software applications or operating systems.
Work is non-routine and very complex, involving the application of advanced technical/business skills in area of specialization. Leading contributor individually and as a team member, providing direction and mentoring to others. BS or MS degree or equivalent experience relevant to functional area. 7 years of software engineering or related experience.Oracle is an Affirmative Action-Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability, protected veterans status, age, or any other characteristic protected by law.