Oracle Cloud Security Detection and Response Analyst in Sydney, Australia
Cloud Security Detection and Response Analyst
The Oracle SaaS Cloud Security organization is tasked with providing expert security knowledge and operational assessment of the various cloud systems. This includes security policy/standards definition and enforcement, operation/monitoring of security infrastructure in the cloud, regulatory compliance, and security testing for various systems that comprise the cloud environment.
This is a technical security operations role within the Oracle SaaS Cloud Security organization. The primary focus is response to and containment of potential and active security intrusions and breaches by following the incident response life cycle. Additional duties will include proactive hunting for threats and malicious behavior, researching security related vulnerabilities and how they are exploited, running and participating in tabletop exercises, evaluating new security tools, and provide security guidance to covered business units. The role will also assist in creating new correlations based on past investigations and identifying potential trends and patterns. Work is non-routine and very complex, involving the application of advanced technical and business skills in multiple areas of specialization.
Ensure the confidentiality, availability, and integrity of Oracle Cloud data and systems.
Respect and protect customer data.
Develop and implement security controls to detect and prevent infiltration of company systems and exfiltration of company data by adversaries.
Correlate data from disparate log sources to determine a baseline and generate alerts based on behavior based indicators.
Determine impact and scope of potential and confirmed incidents.
Provide management with incident reports and post mortems.
Manages critical incidents through all phases of the incident management life-cycle.
Investigate security events and determine whether they qualify as a security incident.
Write reports for management regarding the negative impact to the business caused by theft, destruction, alteration or denial of access to company data and systems.
Support incident response efforts as an Oracle Cloud incident responder though the development of incident response plays, tools, and coordinating with IT resources.
Take responsibility for the successful execution of the incident response plan.
Assist in development of incident response capabilities, training, and tool validation.
Manages registration of incidents and accumulation of statistics and/or metrics related to incident management.
Perform special security projects on an ad hoc basis.
Provide mentorship and direction to team members.
Perform other duties as assigned.
University degree from an accredited college or university, or equivalent certifications.
Experience in information security and technical aspects.
Three or more years of experience in utilizing enterprise security solutions including but not limited to SIEM, security detection and response tools, and endpoint security products.
Ability to analyze in network flow and full packet captures.
Skills in triaging a security incident from initial detection to resolution.
Strong log analysis, deduction, analytical, and problem solving skills.
Self-starter and self-sufficient, doesn’t need to be micro-managed.
Excellent team player, willing to share knowledge and skills with peers.
Knowledge of Information Security standards and access controls such as ISO27001/2, PCI DSS, and other international standards.
Possess the ability to adjust and adapt to changing priorities in a dynamic environment.
Strong technical experience with Linux or similar Unix platforms (Oracle Linux, CentOS, RHEL, Solaris, BSD), macOS, and Windows.
At least 3 years experience as a network analyst or systems administrator.
Ability to project credibility and confidence at all levels of the organization.
Strong knowledge of Oracle systems and software.
Strong organizational skills and detail-orientation essential.
Strong presentation, written and verbal communication skills.
Ability to document and transfer knowledge and cross-train peers.
Knowledge of virtualization and scripting.
Experience in one or more of the following required:
Managing cloud security incident and breach response investigations
Disk & Memory forensics
Network forensics / analysis
Detailed Description and Job Requirements
Design, develop, troubleshoot and debug software programs for databases, applications, tools, networks etc.
As a member of the software engineering division, you will take an active role in the definition and evolution of standard practices and procedures. You will be responsible for defining and developing software for tasks associated with the developing, designing and debugging of software applications or operating systems.
Work is non-routine and very complex, involving the application of advanced technical/business skills in area of specialization. Leading contributor individually and as a team member, providing direction and mentoring to others. BS or MS degree or equivalent experience relevant to functional area. 7 years of software engineering or related experience.
Job: Product Development
Job Type: Regular Employee Hire