Security Engineer 3

Job Description

*Responsible for the planning, design and build of security architectures; oversees the implementation of network and computer security and ensures compliance with corporate security policies and procedures.Responsible for basic planning, design and build of security systems, applications, environments and architectures; oversees the implementation of security systems, applications, environments and architectures and ensures compliance with information security standards and corporate security policies and procedures. Assist in development of incident response capabilities, training, and tool validation. May research, evaluate, track, and manage information security threats and vulnerabilities in situations where analysis of well-understood information is required and where computer programming/scripting knowledge is required. May participate in an incident management team, responding to security events in line with Oracle incident response playbooks. Investigates purported intrusions and breaches, and oversees root cause analysis. Coordinates incidents with other business units and may assist the Incident Commander during serious incidents. Participates in developing new methods, and playbooks, as well as basic scripts, applications, and tools. Research industry trends and constantly assess current controls and threat posture of new and existing products and services. Recommend and implement new security controls across Oracle s line of business (LOB). Improve current processes and workflows to minimize manual efforts.Minimum of 5 years related experience in an information security role, supporting security programs and security engineering/architecture in complex enterprise environments. Hands on experience with enterprise security architecture, engineering and implementation required. Knowledge of compliance program security controls, like ISO 27001, SOC 2, HITRUST, and FedRAMP, as applied to cloud SaaS, PaaS and IaaS operations. Familiarity with SDLC principles and scripting & programming languages (such as Terraform, Python, Ruby, etc.). Preferred but not required qualifications include: Bachelor-level university degree in a relevant field from an accredited university, or equivalent. Experience in developing secure, scalable cloud architectures and distributed systems. Experience with high-level software design and development and the design, use, and deployment of automation and orchestration frameworks. Demonstrable scripting or programming experience., *Are you interested in building large-scale distributed infrastructure for the cloud Oracle s Cloud Infrastructure team is building its next generation Cloud IaaS/PaaS/SaaS technologies that operate at high scale in a broadly distributed multi-tenant environment. Our customers run their businesses on our cloud, and our mission is to provide them with outstanding, foundational cloud networking services.https://cloud.oracle.com/cloud-infrastructureOur team designs, engineers and operates the security for our best in class cloud services. We are reimagining the traditional enterprise thinking of security and crafting an environment suitable for the most fast paced and security conscience customers with our new large scale distributed services. This team is here to protect the customers, protect our cloud and make sure it is best of breed.We are looking for individuals with experience in threat hunting, determining indicators of compromise (IOCs), incident management, and red team/blue team activities for our IaaS, PaaS and SaaS environments. You will be part of a Detection and Response Team who are responsible for the security monitoring, investigation and reporting of product security incidents for all of the cloud. This includes; using tools to investigate, crafting tools/scripts to aid in quick analysis and response, and responding to security events. The position operates and tunes security-supporting tools, provides requirements for new security tools and builds use cases for additional monitoring situations.If this excites you, come help us deliver the next level of secure cloud computing. These are exciting times in our space - we are growing fast, still at an early stage and working on results-oriented new initiatives. An engineer at any level can have significant technical and business impact.Responsibilities

1. Monitor Oracle Cloud Infrastructure for intrusions by perform hunting exercises using threat intelligence, analysis of anomalous log data and results of historical events and data to detect and respond to threats
2. Develop anomaly detection dashboards and reports to identify potential threats, suspicious activity, and intrusions
3. Monitor for security indicators by correlating and analysing a variety of application, network and host-based security logs and resolving accurate remediation actions and critical issue paths for each incident
4. Develop scripts to support the automation of the detection and incident response process
5. Evaluate and recommend new and emerging security solutions and technologies
6. Deliver self-service security metric data of discovery, triage and trending analysis of team findings
7. Mentor and support junior team members
8. Lead investigations across a sophisticated set of data and services
9. Participate in Red/Blue/Purple team activities

Preferred Qualifications

1. Bachelor s Degree in Computer Science, Information Assurance, Security, Management Information Systems, Risk Management or equivalent work experience
2. 3-5+ years of related cybersecurity architecture, engineering, or SOC work experience (monitoring, detection, incident response, forensics)
3. Intermediate scripting using Python, Perl, PowerShell, or an equivalent language
4. Excellent written and verbal communications, including presentation skills, are meaningful to be successful in this role
5. Proven ability to effectively connect with all levels of the organization, as well as with external parties
6. Effectively communicate security concepts with both technical and non-technical individuals
7. Preferred knowledge of current sophisticated adversary TTP s and experience responding to APT charges
8. Understanding of host and network Incident Response processes, tasks, and tools
9. Knowledge of operational security tools and practices (e.g. IDS, firewalls, & 3rd-party security products)

Keyskills :
security toolsidsiso 27001customer relationsroot causenetworkingfirewallpenetration testinginformation security standardsuse casesbusiness unitsmanagement information systems