Do you have a passion for high scale services and working with some of Oracle's most critical customers? We are seeking an experienced, passionate, and talented cyber security engineer with a deep interest in vulnerability management and cloud security. This position is designed for technical security engineers adept at navigating the complexities of cloud security and leading efforts to increase security posture. In this key role, you will critically assess security architecture decisions, and lead the charge in secure planning, development, and coordination. Your expertise will guide the team through intricate cloud security challenges, ensuring our defences are both robust and adaptable.Who We AreWe are a world-class team of high calibre application security researchers and engineers who thrive on new challenges. We are an inclusive and diverse team with a full spectrum of experience distributed globally. We have the resources of a large enterprise and the energy of a start-up, working on a critical Greenfield software assurance project collaboratively with our cloud and mobile engineering teams. The Software Assurance organization has the mission is to make application security and software assurance, at scale, a reality. We are a dedicated team, leveraging each other’s insights and abilities to produce cutting edge solutions to difficult problems through automation and CI/CD. Join us to grow your career and create the future of software assurance at scale together.What You’ll BringA minimum of 8 years of experience in the cybersecurity field, with a focus on vulnerability management, cloud security, and security architecture analysis.Strong understanding of vulnerability management processes, remediation workflows, and validation of security findingsExperience designing and managing security metrics, dashboards, and reporting for technical and leadership audiencesProven expertise in cloud architecture and security principles, and a thorough understanding of risk management frameworksHands-on experience integrating data from security toolsProficiency in developing and implementing security policies and procedures within cloud environments to safeguard against potential threatsAbility to effectively assess and communicate risks and appropriate levels of urgency to management and engineering staffExcellent organizational, presentation, verbal, and written communication skills.Must be legally authorized to work in the UK without the need for employer sponsorship, now or at any time in the futureWork You’ll DoAs a member of our team, your days will be dynamic and filled with impactful work. You’ll be at the forefront of developing strategies to protect cloud-based systems and services. Your role is pivotal in navigating the evolving landscape of cloud security, where each day brings new challenges and opportunities for innovation. Each project presents a new set of challenges, whether it’s tailoring security solutions for Oracle’s critical customers, or navigating the complexities of global compliance requirements. Additional responsibilities include:Develop and refine new or updated vulnerability management and other technical policies and proceduresDesign, develop, and maintain security metrics and KPIs to measure the effectiveness, maturity, and progress of technical security programsPartner with the SOC, Oracle Cloud Infrastructure (OCI), Offensive Security, and other stakeholders to prioritize and validate the impact of suspected vulnerabilitiesAdvise customers on mitigation strategies and compensating controls while providing accurate and timely reporting that informs remediation progressValidate remediation actions to ensure vulnerabilities are fully resolvedEngage in cloud security architecture, design and implementation, providing expert guidance to ensure secure development and deployment practicesFocus on continuous process improvement while developing and refining security protocols and response strategies, ensuring they align with current best practices and regulatory requirementsCollaborate with OCI and other internal teams to enhance customer security posturePlay a key role in design consultations, facilitating meaningful involvement of the security team in project lifecycles and decision-making processesStay current on emerging threats, vulnerabilities, and industry trendsNice to HaveExperience automating metrics pipelines using scripting, APIs, or business intelligence platforms.Familiarity with regulatory frameworks (e.g., NIST, ISO 27001, CIS) and how they influence security metricsPrior experience working closely with IT operations, application teams, and others to support remediation and reporting effortsWhat We’ll Give YouA team of very skilled and diverse personnel across the globeAbility to work in a flexible work from home arrangementExposure to mind blowing large-scale cutting-edge systemsThe resources of a large, global operation while still having the small, start-up feel of a smaller team day to dayDevelop new skills and competencies working with our vast cloud product offeringsOngoing extensive training and skills development to further your career aspirationsIncredible benefits and company perksAn organization filled with smart, enthusiastic, and motivated colleaguesThe opportunity to impact and improve our systems and delight our customers
Job Title
Principal Security Engineer (Vulnerability Management)