Oracle Director SaaS Cloud Security Red Team in Seattle, Washington
Director SaaS Cloud Security Red Team
We are looking for
a seasoned cloud security “Red Team” Director to join our efforts in reshaping
the cloud services landscape across industry verticals and leading a team of
cloud security ethical hacking engineers to revolutionize the delivery
of Cloud Services to the world’s most critical organizations. The SaaS Cloud Security organization is
responsible for securing enterprise-grade software services on behalf of our
25,000 customers, processing over 60 billion transactions per day.
As a Director and a security engineering manager
responsible for the SaaS Cloud Security Red Team, you will oversee the
development of red teaming methods and ethical hacking activities within the
Oracle SaaS cloud and infrastructure.
You will play a critical role in the design, development and execution
of multiyear ethical hacking strategies designed to improve the security and
certification posture of Oracle’s SaaS services.
This organization will be responsible for emulating
advanced persistent threat (APT) and other sophisticated cyber attackers to
perform internal/external attack testing, planning and coordinating attack
campaigns to mimic known adversarial tactics, techniques and procedures (TTPs)
to support the SaaS Cloud Security Detection and Response team to derive
indicators of compromise that can then be leveraged during hunting activities,
technical security research and supporting external customers with the Oracle
SaaS Automated Cloud Security services.
This position requires strong people management experience,
deep technical security knowledge and hands on strategic leadership in building
a successful ethical hacking team organization, motions and tactical execution
methods. With your deep security and cloud experience, you will shape
not only the future of cloud development and adoption at Oracle – but influence
the global security landscape in key vertical industries.
Behind every mission-critical Cloud service is a
sophisticated SaaS architecture supporting the largest companies in the world, employing
the most advanced software engineering.
We are proud to support those services and team with customers who
depend on them, continually innovating and challenging the status quo. Our team environment is progressive,
flexible, professionally challenging, rewarding, and fun.
Expects Results : Consistently drives high standards for each
individual, the team, and the organization to accomplish key goals.
Communicates andInfluences : Clearly
communicates information and ideas to individuals and teams in an articulate,
focused and compelling way. Willing to
offer intellectual mindshare.
Is Analytical andInstinctual : Compares information from multiple sources to identify
core issues. Uses data to make decisions
but also understands that instinct plays a part in innovating. Always uses good common sense combined with
Possesses Strong Technology and Architecture Acumen : In-depth understanding of technology, architecture
leadership and software development with the ability to draw from personal
experience to make recommendations.
Builds and MaintainsHigh Performing Teams : Attracts, develops, engages and retains
talented team members by creating an environment where people can realize their
full potential. Is ego-free. Acknowledges the work of others first.
will build and lead the team in planning and conducting ethical hacking attacks
on internally or externally hosted applications and infrastructure on a global
scale with an emphasis on critical functions targeted by adversaries.
will be actively participating in attack analysis duties as part of security
incident response in order to enable the team to remain abreast of the latest
and the team members will be planning, designing and engineering scripts,
frameworks, tools and the methods required for facilitating and executing
complex attacks and emulating adversarial TTPs.
will be leading and growing the ethical hacking and pen testing organization on
a scheduled and planned rotation basis to advance the team skills, experiences
will lead effective reporting, communication, status and solution
recommendations based on missions and hunting activities to leadership.
will ensure we have effective knowledge management of findings and review
results of any attack campaign in order to determine severity of findings and
identify potential remediation or mitigation strategies.
and the team will lead in-depth research of the latest adversarial TTPs and
technologies to remain at the bleeding edge of cloud security ethical hacking
and security protections.
will be a driver of creating a culture of project quality and attention to
detail at Oracle through your multi-faceted leadership approach including
results your team delivers, your hiring practices, and your dedication to
growing the individuals on your team into strong Oracle security leaders.
will regularly educate senior leadership regarding the strengths, weaknesses,
opportunities, and threats associated with strategic red teaming.
will provide regular threat/risk briefings to senior leadership regarding
issues raised by the red team and adjust red team activities and agenda based
on senior leadership input.
- You will work closely with your partners and
peers in security operations who leverage your research, analysis and results
to assist in driving security innovation and world class security solutions to
internal and external customers.
- You will influence and assist in new
security solutions, security processes, security standards to support hyper-scale SaaS growth.
- Executive level understanding and experience of cloud
security intrusions analysis
and security incident response.
- 6 years leadership experience managing a security ethical
hacking team for a large-scale IaaS/PaaS/SaaS Cloud Service Provider, or
Fortune 500 company.
- Deep technical understanding of security architecture, engineering,
deployment, and operation best practices.
- Strong and hands-on experience/knowledge in the following areas:
Web Penetration Testing (injection,
XSS, validation, session mgmt., web services etc.
Database (Oracle, MSSQL, and MySQL:
hosting, configuration, etc.).
Network (protocols, traffic
analysis, wireless, etc.).
Operating System (UNIX, Solaris,
Linux, Mac, Windows: configuration, file system, etc.).
Development (coding, scripting, SQL,
computer architecture, exploit writing, code analysis).
Application Analysis (fuzzing,
reverse engineering, disassembling (IDA, OllyDbg).
Crypto (password cracking,
encryption, algorithm analysis).
Campaign/Intrusion Set analysis and
- Problem solving skills to learn new technical and non-technical analysis techniques to overcome
- Knowledge of industry good practice
for foundational security elements including network device and system-level
- Ability to identify and implement both tactical and strategic solutions.
Demonstrated knowledge of AWS,
Azure or Google IaaS services.
- Ability to lead and
engage individuals and teams located across multiple geographies and or
- Strong written and verbal communications and
You thrive on collaboration. You
make the people around you better. You love to collaborate with peers,
engineers, operations, product managers, executives, and designers and inspire
them to do their best.
You are passionate andexperienced as a security leader. You
engage with your peers, the industry and experts to stay current on research,
threats, and innovation to drive the right directions and strategies from a
security infrastructure perspective.
You are customer focused. Our success is based on customer satisfaction
(internal and external) and how we build customer empathy in our culture, in
our execution and our results.
You make people successful. It is not about the “I”, it is about the
“team” and making your team and the organization successful. As leaders we focus on making our team
members as productive and empowered as possible to ensure optimized execution
You are open and transparent. We are a team that open, honest and shares
openly with ourselves and our customers to build trust.
You seek learning andfeedback. You
are self-critical, you proactively seek out feedback. We lead by example and share feedback and
learnings in a safe and productive way that focuses on improvements, root cause
analysis and never blame as the desired result.
You make things happen. You own and are accountable for delivering
the execution to the overall strategy and missions of the organization.
And finally, you want to bepart of creating dramatic and impactful change at a company that is committedto driving security innovation and world class engineering in the SaaS CloudSecurity space.
Advanced degree in computer science or related field.
Oracle isan Equal Employment Opportunity Employer. All qualified applicants will receiveconsideration for employment without regard to race, color, religion, sex,national origin, sexual orientation, gender identity, disability and protectedveterans status or any other characteristic protected by law.
Detailed Description and Job Requirements
Manage a team that designs, develops, troubleshoots and debugs software programs for databases, applications, tools, networks etc.
As a director of the software engineering division, you will apply your extensive knowledge of software architecture to manage software development tasks associated with developing, debugging or designing software applications, operating systems and databases according to provided design specifications. Build enhancements within an existing software architecture and envision future improvements to the architecture.
Assists in the development of short, medium, and long term plans to achieve strategic objectives. Regularly interacts across functional areas with senior management or executives to ensure unit objectives are met. Ability to influence thinking or gain acceptance of others in sensitive situations. Demonstrated leadership and people management skills. Strong communication skills, analytical skills, thorough understanding of product development. BS or MS degree or equivalent experience relevant to functional area. 7 years of software engineering or related experience.
Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans status or any other characteristic protected by law.
Job: Product Development
Other Locations: US-WA,Washington-Seattle
Job Type: Regular Employee Hire