Jobs for Veterans, Veteran Job Board |

Post Jobs

Job Information

Oracle OCI Security Penetration Testing Engineer in Chicago, Illinois

Design, develop, troubleshoot and debug software programs for databases, applications, tools, networks etc.

As a member of the software engineering division, you will assist in defining and developing software for tasks associated with the developing, debugging or designing of software applications or operating systems. Provide technical leadership to other software developers. Specify, design and implement modest changes to existing software architecture to meet changing needs.

Duties and tasks are varied and complex needing independent judgment. Fully competent in own area of expertise. May have project lead role and or supervise lower level personnel. BS or MS degree or equivalent experience relevant to functional area. 4 years of software engineering or related experience.

Oracle is an Affirmative Action-Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability, protected veterans status, age, or any other characteristic protected by law.

/The Oracle Cloud Infrastructure (OCI) team can provide you the opportunity to build and operate a suite of massive scale, integrated cloud services in a broadly distributed, multi-tenant cloud environment. OCI is committed to providing the best in cloud products that meet the needs of our customers who are tackling some of the world s biggest challenges./

/ /

/We offer unique opportunities for smart, hands-on engineers with the expertise and passion to solve difficult problems in distributed highly available services and virtualized infrastructure. At every level, our engineers have a significant technical and business impact designing and building innovative new systems to power our customer s business critical applications./

Offensive Security Penetration Testing Engineer

Are you interested in building large-scale distributed infrastructure for the cloud? Oracle's Cloud Infrastructure team is building new Infrastructure-as-a-Service technologies that operate at high scale in a broadly distributed multi-tenant cloud environment. Our customers run their businesses on our cloud, and our mission is to provide them with best in class compute, storage, networking, database, security and an ever expanding set of foundational cloud-based services.

We're looking for hands-on security engineers with expertise and passion in solving difficult security problems in distributed, multi-tenant services and infrastructure. If this is you, at Oracle you can help design and build innovative new systems from the ground up. These are exciting times in our space - we are growing and working on ambitious new initiatives. A security-focused engineer at any level can have significant technical and business impact.

Within OCI, the Offensive Security team conducts penetration tests, hardware security research, and operates our red team. We ensure the security of software and hardware that run our cloud infrastructure, and strive to continuously improve our security stance. The OCI Offensive Security group works as a team. We don't try to fit people into predefined roles. We bring together the right people who can enhance the capability of the team, and build roles around the person's skills and interests. To get you excited, here is a list of some of the projects over the last year this team has worked on:

Big iron - ExaLogic, ExaData, UltraSPARC, InfiniBand

Firmware reverse engineering of various hardware components

Developing custom fuzzing platforms for code-coverage analysis

Several different hypervisors

Linux and Windows kernel mode non-sense

The list goes on and on!

As a Penetration Testing Engineer, you will be working closely with software engineers from the various cloud service teams to build a secure architecture that is fundamentally sound and efficient. Your influence over the design of the full system architecture is critical. You should be familiar with security at all levels of the software, hardware, and network stack; while being exceptionally deep in a few. Intellectual curiosity and an excitement for the challenges of securing complex, massive systems is a must. You should value simplicity and usability as well as security and work comfortably in a collaborative, agile environment.

Some of our people have qualifications like the ones listed below. Our ideal candidate is passionate about security and furthering their knowledge every day. You enjoy diving into complex source code audits to reveal subtle security vulnerabilities, writing new tools such as fuzzers in languages such as C/C , Python, Ruby, Go or Java, tearing apart an undocumented file format or network protocol and coming up with novel techniques to solve unique and interesting security problems. We hope you like working at scale as much as we do much as we do, because Oracle has no shortage of it.

Things you'll do:

**Penetration testing

**Hardening of network, software and firmware

**Security tool development (e.g. scanning tools)

**Security metrics definition and delivery

**Consult across different software development teams

**Attack vector modeling

**Champion secure coding practices

Basic Qualifications:

**Bachelor s or Master s degree in Computer Science or related field

  • 3 years of experience in vulnerability discovery / security engineering / application security

  • Demonstrated history of vulnerability discovery (CVEs, etc.)

**Experience working in a large cloud or Internet software company preferred

**Strong application/product/software security background

**Ability to effectively assess and communicate risks and appropriate levels of urgency to management and engineering staff

**Excellent organizational, verbal and written communication skills

**Ability to succeed through collaboration and working through internal and external organizations and individuals

**Prior DevOps or continuous delivery and deployment experience preferred

**OSCP, OSCE, CREST and other industry certifications are a plus

  • *

  • *

Oracle is an equal opportunity employer. OCI empowers a diverse team, and we strive to involve as many perspectives as possible in our innovation process. All applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans status or any other characteristic other than merit.

Job: *Product Development

Organization: *Oracle

Title: OCI Security Penetration Testing Engineer

Location: United States

Requisition ID: 190014RR

Other Locations: US-OR,Oregon-Portland, US-WA,Washington-Seattle