Sr Principal Security Engineer - Product Security Architecture in Seattle, WA

$150K - $200K(Ladders Estimates)

Oracle Corporation   •  

Seattle, WA 98160

Industry: Information Technology

  •  

11 - 15 years

Posted 40 days ago

The Oracle Cloud Infrastructure (OCI) team can provide you the opportunity to build and operate a suite of massive scale, integrated cloud services in a broadly distributed, multi-tenant cloud environment. OCI is committed to providing the best in cloud products that meet the needs of our customers who are tackling some of the world's biggest challenges.


We offer unique opportunities for smart, hands-on engineers with the expertise and passion to solve difficult problems in distributed highly available services and virtualized infrastructure. At every level, our engineers have a significant technical and business impact designing and building innovative new systems to power our customer's business critical applications.


Role:


Sr Principal Security Engineer - Product Security Architecture


Profile:


Product Security Architecture assists the engineering organization and partners to build secure products, services, and features. We develop strong Product Security practices, partner with product owners, engineers and executives to ensure new products and features meet the highest security standards. Security is reflected every day in the services we build, our company operates and how we engage with service teams and partners. We are trusted advisers and guide the organization to deliver the most secure cloud in the industry.


Job Description:


Are you interested in securing a large-scale distributed cloud infrastructure and platforms? Oracle's Cloud team is building new IaaS and PaaS technologies that operate at high scale in a broadly distributed and rapidly growing multi-tenant cloud environment. Our mission is to provide our cloud customers with the most secure cloud products and services.


We're looking for hands-on security engineers with expertise and passion in solving difficult security problems in distributed systems, multi-tenant services and large-scale infrastructures. If this is you, at Oracle Cloud you can help design and build innovative new systems from the ground up. These are exciting times in our space - we are growing fast, and working on ambitious new initiatives. A security-focused engineer at any level can make significant technical and business impact.


As a Sr Principal Security Engineer you will lead engineers from the various cloud service teams to build secure cloud. Your influence and innovation in design of the full system architecture is critical. You should be familiar with security at all levels of the software, hardware, and network stack; while being exceptionally deep in a few. Intellectual curiosity and an excitement for the challenges of securing complex, massive systems are a must. You should value simplicity and usability as well as security and work comfortably in a collaborative, agile environment.


Things you'll do:

  • Collect, identify, and develop best practices, patterns, and anti-patterns for specific security-related problems.
  • Research new security technologies. Architect, design, prototype, support, and evaluate security-focused tools and services including project leadership.
  • Identify and understand inherent, systemic high-risk security issues that could lead to security incidents. Architect, design, prototype, support, and validate scalable security solutions to eliminate systemic issues, including project leadership.
  • Serve as security thought leader for all application security automation. Architect, design, prototype, support, and evaluate security-focused tools and services including project leadership.


Qualifications:

  • Bachelor's degree, Master's degree preferred, (or equivalent experience) in Computer Science or related field
  • 10+ years of experience in security engineering or related field
  • Strong sense of ownership, urgency, and drive
  • Demonstrable teamwork skills and resourcefulness
  • Possess self-drive to keep moving things forward even in the face of ambiguity and imperfect knowledge (avoid "analysis paralysis")
  • Sharp analytical abilities and proven design skills
  • Experience working in a large cloud or Internet software company
  • Sr Principal Security Engineer is expected to have experience in multiple security domains, to develop scalable solutions for complex business problems, including project leadership.
  • Experience with multiple programming languages (such as, Java, C++, Ruby, Python, Go, etc.)
  • Experience in several of the areas with expertise and depth in at least one:
  • Security consulting and development of best practices, patterns and anti-patterns, secure-by-default solutions for globally distributed cloud
  • Automation: from prototyping new security tools, evaluating/validating existing security tools, automation, to supporting and improving existing product security tools: SAST, DAST, IAST, RASP, SCA, etc.
  • Systemic security issues: identifying, root cause analysis, designing security solutions, including project leadership
  • Web application security experience:
  • Experience with web application vulnerabilities and mitigations beyond the OWASP Top 10
  • Expert in web browser security
  • Experience with federation protocols (SAML, OAuth)
  • Network security experience:
  • Building network security architectures for complex global networks
  • Network and web related protocols such as, TCP/IP, UDP, IPSEC, HTTP, HTTPS,
  • Routing protocols, such as BGP and route reflectors.


Detailed Description and Job Requirements

Design, develop, troubleshoot and debug software programs for databases, applications, tools, networks etc.


As a member of the software engineering division, you will take an active role in the definition and evolution of standard practices and procedures. Define specifications for significant new projects and specify, design and develop software according to those specifications. You will perform professional software development tasks associated with the developing, designing and debugging of software applications or operating systems.


Provide leadership and expertise in the development of new products/services/processes, frequently operating at the leading edge of technology. Recommends and justifies major changes to existing products/services/processes. BS or MS degree or equivalent experience relevant to functional area. 8 or more years of software engineering or related experience.


Oracle is an Affirmative Action-Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability, protected veterans status, age, or any other characteristic protected by law.

Valid Through: 2019-11-7