Security Engineer (JoinOCI-Ns2) Data Loss Prevention (DLP)

Oracle


Job Description

We are looking for people with experience protecting critical infrastructure to help us defend Oracle from external and internal threats. Our team is skilled in threat hunting, analyzing indicators of compromise (IOCs), investigating adverse security events, security incident management, and digital forensics across IaaS, PaaS and SaaS environments. You will be part of a security operations team responsible for defending this infrastructure from adversaries and insider threats. This includes using tools to analyze and respond to threats, creating tools/scripts to aid in analysis, and responding in real time to adverse security events. Our team is the last line of defense if security controls are breached. We are growing fast and working on ambitious new initiatives.

The Role

We are looking for a seasoned leader who can drive the creation and implementation of a data loss prevention (DLP) program across OCI. This program will include data at rest, data in motion, and data in use. You will create a data loss prevention standard, coordinate that with the appropriate security and legal teams across the company and oversee its implementation. You will drive the establishment of DLP capabilities within Oracle’s Office 365 tenant as well as the implementation of OCI’s native DLP solution.

Key Responsibilities

  • Own OCI standards for data loss prevention
  • Own the OCI DLP implementation strategy and roadmap
  • Act as the security product manager for OCI native DLP products
  • Oversee DLP investigations
  • Understand DLP use cases and mentor the security team on how to detect DLP violations
  • Partner with Global Information Security for DLP-related employee investigations
  • Establish a DLP program for M&A activities

Preferred Qualifications

  • 5 years of experience in DLP (client/server/cloud), incident response and/or security operations center activities at a cloud service provider
  • Effective written and oral communications skills with the ability to deliver technical information to non-technical staff
  • Comfortable working in an ambiguous, fast-paced, unpredictable environment
  • Experience working in a highly collaborative, team centric, event driven operations team
  • Experience with variety of technologies and how they are used to exfiltrate data
  • Experience with a variety of DLP tools (data at rest, data in motion, data in use)
  • Experience with a wide variety of logs and telemetry including AV, web server, SIEM, etc.
  • Experience with sophisticated threat actors and complex security incidents
  • Understanding of insider threat actor tactics, techniques, and procedures (TTPs) and threat analysis models like MITRE ATT&CK Framework
  • Experience developing and hunting using DLP-related indicators of compromise (IOC’s)
  • Experience performing open source research on a variety of topics
READ:   Principal Software Engineer (FinOps), Trilogy (Remote) - $400,000/year USD

Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans status or any other characteristic protected by law

Responsible for the planning, design and build of security architectures; oversees the implementation of network and computer security and ensures compliance with corporate security policies and procedures.

Responsible for expert planning, design and build of security systems, applications, environments and architectures; oversees the implementation of security systems, applications, environments and architectures and ensures compliance with information security standards and corporate security policies and procedures.

Evaluates existing and proposed technical architectures for security risk, provides expert technical advice to support the design and development of secure architectures and recommends security controls to mitigate those risks. Evaluations of internal security architecture may include design assessment, risk assessment, and threat modeling.

Provides expert technical advice and direction to support the design and development of secure architectures.

Maintain expert proficiency in emerging trends in information security.

Determine the best practices for the large-scale Big Data infrastructure used by some Oracle LOBs, including tooling, data architecture, and content.

May lead incident management teams and provide expert level incident management expertise. Coordinates incidents with other business units and may act as incident commander of multiple serious incidents. Leads development of new methods, playbooks and provide thought-leadership related to incident management throughout Oracle.

May provide leadership in an incident management team, bringing expert-level skills to respond to security events in line with Oracle incident response playbooks. Investigates purported intrusions and breaches, and oversees root cause analysis. Coordinates incidents with other business units and may act as Incident Commander on multiple serious incidents. Leads development of new methods, and playbooks, as well as highly sophisticated scripts, applications, and tools. Trains and mentors other staff, and may supervise incident management teams.

READ:   Software Engineer

Brings expert-level skills to research, evaluate, track, and manage information security threats and vulnerabilities in situations where in-depth analysis of ambiguous information is required, but no computer programming/scripting knowledge is required. Leads development of highly sophisticated scripts, applications, and tools, and trains others in their use.

Focus on operational and strategic level tasks, and provide counsel and guidance to the junior level security operations engineers in the department.

Minimum of 12 years related experience in an information security role supporting security programs and security engineering/architecture in complex enterprise environments. Hands on experience with enterprise security architecture, engineering and implementation required.

Knowledge of compliance program security controls, like ISO 27001, SOC 2, HITRUST, and FedRAMP, as applied to cloud SaaS, PaaS and IaaS operations.

Familiarity with SDLC principles and scripting & programming languages (such as Terraform, Python, and Ruby).

Expert level knowledge of: Cloud architecture and security principles. Risk Management Frameworks. *nix and Windows system administration. Experience with logging and log analysis.

Preferred But Not Required Qualifications Include

Bachelor-level university degree in a relevant field from an accredited university, or equivalent.

Expert level knowledge of web technologies, middleware, database, OS, firewalls, network communication protocols and methods.

Knowledge of database security principles.

Strong knowledge of encryption technologies and architectures.

Experience with identity management principles and technology.

Experience developing security architecture strategies that align to enterprise architecture strategy and the company’s business strategy.

Current CISSP, CISM, or the equivalent.

If you are a Colorado resident, Please Contact us or Email us at [email protected] to receive compensation and benefits information for this role. Please include this Job ID: 117927 in the subject line of the email.

About Us

Innovation starts with inclusion at Oracle. We are committed to creating a workplace where all kinds of people can be themselves and do their best work. It’s when everyone’s voice is heard and valued, that we are inspired to go beyond what’s been done before. That’s why we need people with diverse backgrounds, beliefs, and abilities to help us create the future, and are proud to be an affirmative-action equal opportunity employer.

READ:   Site Reliability Engineer, Americas

Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans status, age, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law.

  • Seniority level


    Entry level

  • Employment type


    Full-time

  • Job function


    Information Technology

  • Industries


    Information Technology and Services, Computer Software, and Financial Services


Apply

Related Jobs
  • Crossover for Work
    Full Time
    Bridgetown, Saint Michael, Barbados

    Crossover is the world's #1 source of remote full-time jobs. Our clients offer top-tier pay for top-tier talent. We're recruiting this role for our client, Trilogy. Have you got what it takes?Are you the go-to backend engineering leader on
  • Global Nomadic
    Full Time
    Melbourne, Victoria, Australia

    Location: Talara, PeruDuration: Minimum 2 weeks, maximum 6 monthsCost: from $1180 USD for the first 2 weeks + $350-$430 for each week thereafterFee Includes: all food, accommodation, airport pickup, pre-departure + in-country support, orie
  • Finish Line
    Full Time
    Centre, Cameroon

    Come work for us!We are looking for dedicated employees to join our team to help our customers have the best experience possible every time they enter a JD Finish Line store.Our employees are key to our success.Position Title: Store Assoc
  • Accenture in India
    Full Time
    Bengaluru, Karnataka, India

    About Accenture: Accenture is a global professional services company with leading capabilities in digital, cloud and security. Combining unmatched experience and specialized skills across more than 40 industries, we offer Strategy and Cons
Guías Online