Principal Security Engineer

OCI Security Architecture is looking for an experienced security engineer to join our team. The candidate will get the opportunity to work with and learn from outstanding security engineers and architects across Oracle. They will be a security lead and collaborate with cross-functional teams to drive security improvements, innovation and initiatives across OCI.

Security Architecture is comprised of security experts who are focused and specialized in securing all aspects of OCI Cloud. As security experts, we are sought out by our partner engineering organizations to provide them guidance on designing their products, services and features. We set OCI wide security standards and hold a high security requirement bar for all services. We aim to provide the highest level of security to our customers.

The candidate should be a security-minded leader who can work with architects and/or a development teams as they design new capabilities. You must ensure that security requirements are met and the design implements the necessary controls to improve the security posture for the service. As a member of the Security Architecture team, you will be required to have a firm grasp on security technologies, trends in cloud security practices, and ability to communicate complex technical security requirements clearly to the development teams, conduct threat modeling, risk assessment, and risk mitigation. 

Career Level - IC4

Responsibilities displayed in the job posting

Key responsibilities:

As a security authority you will collaborate with multi-functional teams to drive security improvements, innovation, and best practices into the OCI's products and services. Will conduct threat modeling, security architecture reviews, risk assessment, and provide guidance on mitigating the identified issues. Build and maintain technical security standards and patterns for OCI.  Stay up-to-date on the latest advancements in cloud security and apply them to improve OCI's security posture. Provide experienced security guidance to service teams to ensure products, services, and feature are secure by default.  Lead OCI-wide cloud security initiatives to improve overall cloud security posture. Provide mentorship to junior engineers on the team.

Qualifications:

A minimum of 8+ years of experience with at least 5+ years in Cloud Security or Application Security or Product Security. Or a BS or MS in Computer Science/Engineering with a focus in Cybersecurity, or a related field with a minimum of 8 years of experience in the field is required. Experience in architecture, design, deployment, and handling of standard security practices and policies is required. 

Preferred qualifications includes, 

Experience as a security leader for a cloud product or set of cloud services, with expertise in IaaS, PaaS. Experience with architecture security reviews for products or services operating in a cloud environment. Expertise in concepts of Multi-tenancy, Cloud Security and Virtualization, Access Management, OAuth, Cloud SSO, Identity Provisioning, Identity Governance etc. Expertise in Encryption, Key management, Cybersecurity fundamentals (., access controls, common software vulnerabilities, and security standard methodologies), Deployment Methodologies, and Security Standards Compliance Certification (STIG, FedRAMP, PCI-DSS), etc. Very good understanding of concepts related to Docker, Container, Serverless Computing, and Kubernetes. Ability to craft large scalable systems for cloud customers with focus on security. Network security, VPN/Firewalls and software-defined networking experience is a plus. Experience operating within and supporting a security assurance and assessment program Excellent written and verbal communication skills, strong analytical and problem-solving skills. Disclaimer:

Certain US customer or client-facing roles may be required to comply with applicable requirements, such as immunization and occupational health mandates.

Range and benefit information provided in this posting are specific to the stated locations only

US: Hiring Range: from $109,100 to $223,500 per annum. May be eligible for bonus and equity.

Oracle maintains broad salary ranges for its roles in order to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect Oracle's differing products, industries and lines of business.
Candidates are typically placed into the range based on the preceding factors as well as internal peer equity.

Oracle US offers a comprehensive benefits package which includes the following:
1. Medical, dental, and vision insurance, including expert medical opinion
2. Short term disability and long term disability
3. Life insurance and AD&D
4. Supplemental life insurance (Employee/Spouse/Child)
5. Health care and dependent care Flexible Spending Accounts
6. Pre-tax commuter and parking benefits
7. 401(k) Savings and Investment Plan with company match
8. Paid time off: Flexible Vacation is provided to all eligible employees assigned to a salaried (non-overtime eligible) position. Accrued Vacation is provided to all other employees eligible for vacation benefits. For employees working at least 35 hours per week, the vacation accrual rate is 13 days annually for the first three years of employment and 18 days annually for subsequent years of employment. Vacation accrual is prorated for employees working between 20 and 34 hours per week. Employees working fewer than 20 hours per week are not eligible for vacation.
9. 11 paid holidays
10. Paid sick leave: 72 hours of paid sick leave upon date of hire. Refreshes each calendar year. Unused balance will carry over each year up to a maximum cap of 112 hours.
11. Paid parental leave
12. Adoption assistance
13. Employee Stock Purchase Plan
14. Financial planning and group legal
15. Voluntary benefits including auto, homeowner and pet insurance

---