Job Information
Oracle Senior Principal Security Engineer - Oracle SaaS in Sacramento, California
Senior Principal Security Engineer - Oracle SaaS
Preferred Qualifications
Position Overview
SaaS Cloud Security is looking for a seasoned Senior Principal Security Engineer to join our efforts in reshaping the cloud services landscape across industry verticals and solve difficult problems by designing and building innovative new systems to revolutionize the delivery of Cloud Services to the world s most critical organizations. The SaaS Cloud Security organization is responsible for securing enterprise-grade software services on behalf of our 25,000 customers, processing over 60 billion transactions per day.
As an Senior Principal Security Engineer and a member of the SaaS Cloud Security organization you will design, develop, and support applications and solutions that secure Oracle s cloud services. You will take an active role in the definition and evolution of standard practices and procedures. You will be responsible for the design and influence of not only applications, but also the tools and processes that make up the entire deployment ecosystem. You will work closely with team members to solve day to day problems, create utilities and applications, and create a security platform of tools that benefits all of Oracle s SaaS offerings.
Requirements
Prior experience in Security Operations and Incident Response
Basic understanding of system exploits (e.g. Buffer Overflows, PTH attacks, windows authentication framework etc.). Basic understanding of DDoS techniques and mitigation mechanisms
Experience in architecting applications built on Cloud platforms or using UI tools i.e. Apex/ Oracle JET etc
Excellent scripting experience in shell/ perl/ python etc and worked on developing at least 2 automation tools
Experience in working through audit reviews with external/ internal auditors
Strong knowledge in Weblogic, Oracle Access Manager and Oracle Internet Directory. Knowledge of Linux Operating system and experience with basic system administration
Strong understanding of web applications, web servers, application firewalls, frameworks and protocols with respect to web application development, deployment, and operations
Prefer 8 years of cumulative experience in automation/ scripting, application/ db audits, network security, Linux/ Weblogic, identity management and database administration
Excellent Logical and Practical understanding of SDLC. Good understanding of OWASP Risks, Vulnerabilities and Mitigation Mechanisms
Should be able to drive projects end to end independently and be capable of keeping management apprised of status
Experience in reviewing and analyzing log files and data correlation
Experience working with SAML 2.0, OIDC and oAuth2 protocols
Knowledge of network security architectures, including firewalls, Demilitarized Zones (DMZ), router ACLs (Access Control Lists), and web content filters. Reasonable knowledge of networking i.e. DNS records, LoadBalancers, subnets etc
Proven ability to meet established service levels, availability, performance, data privacy, and security guidelines is necessary
Concepts of Public Key Infrastructure, cryptography, SSL, certificate management
Deep knowledge of encryption and cryptographic algorithms including current industry standards for encryption, hashing certificates etc
Oracle Cloud Infrastructure - Prior knowledge and/ or certification.
Knowledge of Java programming is a huge plus
Responsibilities
Implement, maintain and review new and existing identity/ security deployments for customers
Work on architecting custom solutions and deploying those via Oracle proprietary tools i.e Break Glass, Oracle Identity Federation, Secrets Vault etc on customer environments
Work closely with management for exec reporting, audit reviews, customer meetings, strategic planning, hiring efforts etc.
Drive cross team security projects with tight timelines requiring effective collaboration with various peer groups. Work with vendors to ensure smooth life cycle management of 3rd party products.
Work on Entitlements management, segregation of duties, identity governance, identity cloud service etc.
Drive development/ automation for security tools management and workflow integration
Collaborate with key stakeholders within Information Security, Development and Engineering teams to develop specific use cases to address specific business needs
Work on deploying federation via SAML/ oAuth b/w various flavors of partners i.e. IDCS/ OIF/ ADFS/ Okta/ Siteminder etc
Work on WAF implementation planning and deployment across the Oracle SaaS fleet
Candidates will work closely Oracle IDM development in resolving bugs and implementing new functionality. Candidate will berequired to work independently as well as part of small and larger team.
Work on resolving service requests by customers on various cloud operational requirements
Weekend work is expected at times and there is a possibility of working weekend shifts
Detailed Description and Job Requirements
Work with Oracle's world class technology to develop, implement, and support Oracle's global infrastructure.
As a member of the IT organization, lead the design, development, modification, debugging, and evaluation programs for extremely complex internal systems. Provide expertise to analyze existing programs or formulate logic for new internal systems. Develop conversion and system implementation plans. Recommend changes to development, maintenance, and system standards.
Provide leadership and expertise in extremely complex internal systems, frequently operating at the leading edge of technology. Recommend and justify major changes to existing internal systems. BS or MS degree or equivalent experience relevant to functional area. Ten or more years of related experience recommended.
Oracle is an Affirmative Action-Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability, protected veterans status, age, or any other characteristic protected by law.
Job: Information Technology
Location: US-California
Other Locations: US-CA,California-Pleasanton, US-WA,Washington-Seattle, US-CA,California-Redwood City
Job Type: Regular Employee Hire
Organization: Oracle
Oracle
-
- Oracle Jobs