Security Engineer (JoinOCI-Ns2) Data Loss Prevention (DLP)

Oracle


Job Description

We are looking for people with experience protecting critical infrastructure to help us defend Oracle from external and internal threats. Our team is skilled in threat hunting, analyzing indicators of compromise (IOCs), investigating adverse security events, security incident management, and digital forensics across IaaS, PaaS and SaaS environments. You will be part of a security operations team responsible for defending this infrastructure from adversaries and insider threats. This includes using tools to analyze and respond to threats, creating tools/scripts to aid in analysis, and responding in real time to adverse security events. Our team is the last line of defense if security controls are breached. We are growing fast and working on ambitious new initiatives.

The Role

We are looking for a seasoned leader who can drive the creation and implementation of a data loss prevention (DLP) program across OCI. This program will include data at rest, data in motion, and data in use. You will create a data loss prevention standard, coordinate that with the appropriate security and legal teams across the company and oversee its implementation. You will drive the establishment of DLP capabilities within Oracle’s Office 365 tenant as well as the implementation of OCI’s native DLP solution.

Key Responsibilities

  • Own OCI standards for data loss prevention
  • Own the OCI DLP implementation strategy and roadmap
  • Act as the security product manager for OCI native DLP products
  • Oversee DLP investigations
  • Understand DLP use cases and mentor the security team on how to detect DLP violations
  • Partner with Global Information Security for DLP-related employee investigations
  • Establish a DLP program for M&A activities

Preferred Qualifications

  • 5 years of experience in DLP (client/server/cloud), incident response and/or security operations center activities at a cloud service provider
  • Effective written and oral communications skills with the ability to deliver technical information to non-technical staff
  • Comfortable working in an ambiguous, fast-paced, unpredictable environment
  • Experience working in a highly collaborative, team centric, event driven operations team
  • Experience with variety of technologies and how they are used to exfiltrate data
  • Experience with a variety of DLP tools (data at rest, data in motion, data in use)
  • Experience with a wide variety of logs and telemetry including AV, web server, SIEM, etc.
  • Experience with sophisticated threat actors and complex security incidents
  • Understanding of insider threat actor tactics, techniques, and procedures (TTPs) and threat analysis models like MITRE ATT&CK Framework
  • Experience developing and hunting using DLP-related indicators of compromise (IOC’s)
  • Experience performing open source research on a variety of topics
READ:   Lead Analyst, Data and Analytics Team

Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans status or any other characteristic protected by law

Responsible for the planning, design and build of security architectures; oversees the implementation of network and computer security and ensures compliance with corporate security policies and procedures.

Responsible for expert planning, design and build of security systems, applications, environments and architectures; oversees the implementation of security systems, applications, environments and architectures and ensures compliance with information security standards and corporate security policies and procedures.

Evaluates existing and proposed technical architectures for security risk, provides expert technical advice to support the design and development of secure architectures and recommends security controls to mitigate those risks. Evaluations of internal security architecture may include design assessment, risk assessment, and threat modeling.

Provides expert technical advice and direction to support the design and development of secure architectures.

Maintain expert proficiency in emerging trends in information security.

Determine the best practices for the large-scale Big Data infrastructure used by some Oracle LOBs, including tooling, data architecture, and content.

May lead incident management teams and provide expert level incident management expertise. Coordinates incidents with other business units and may act as incident commander of multiple serious incidents. Leads development of new methods, playbooks and provide thought-leadership related to incident management throughout Oracle.

May provide leadership in an incident management team, bringing expert-level skills to respond to security events in line with Oracle incident response playbooks. Investigates purported intrusions and breaches, and oversees root cause analysis. Coordinates incidents with other business units and may act as Incident Commander on multiple serious incidents. Leads development of new methods, and playbooks, as well as highly sophisticated scripts, applications, and tools. Trains and mentors other staff, and may supervise incident management teams.

READ:   Senior Software Engineer, Trilogy (Remote) - $60,000/year USD

Brings expert-level skills to research, evaluate, track, and manage information security threats and vulnerabilities in situations where in-depth analysis of ambiguous information is required, but no computer programming/scripting knowledge is required. Leads development of highly sophisticated scripts, applications, and tools, and trains others in their use.

Focus on operational and strategic level tasks, and provide counsel and guidance to the junior level security operations engineers in the department.

Minimum of 12 years related experience in an information security role supporting security programs and security engineering/architecture in complex enterprise environments. Hands on experience with enterprise security architecture, engineering and implementation required.

Knowledge of compliance program security controls, like ISO 27001, SOC 2, HITRUST, and FedRAMP, as applied to cloud SaaS, PaaS and IaaS operations.

Familiarity with SDLC principles and scripting & programming languages (such as Terraform, Python, and Ruby).

Expert level knowledge of: Cloud architecture and security principles. Risk Management Frameworks. *nix and Windows system administration. Experience with logging and log analysis.

Preferred But Not Required Qualifications Include

Bachelor-level university degree in a relevant field from an accredited university, or equivalent.

Expert level knowledge of web technologies, middleware, database, OS, firewalls, network communication protocols and methods.

Knowledge of database security principles.

Strong knowledge of encryption technologies and architectures.

Experience with identity management principles and technology.

Experience developing security architecture strategies that align to enterprise architecture strategy and the company’s business strategy.

Current CISSP, CISM, or the equivalent.

If you are a Colorado resident, Please Contact us or Email us at [email protected] to receive compensation and benefits information for this role. Please include this Job ID: 117927 in the subject line of the email.

READ:   Data Engineer

About Us

Innovation starts with inclusion at Oracle. We are committed to creating a workplace where all kinds of people can be themselves and do their best work. It’s when everyone’s voice is heard and valued, that we are inspired to go beyond what’s been done before. That’s why we need people with diverse backgrounds, beliefs, and abilities to help us create the future, and are proud to be an affirmative-action equal opportunity employer.

Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans status, age, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law.

  • Seniority level


    Entry level

  • Employment type


    Full-time

  • Job function


    Information Technology

  • Industries


    Information Technology and Services, Computer Software, and Financial Services


Apply

Related Jobs
  • Full Time

    Volunteer: 1-hour Tech Systems call for Second Chance At Renewing Self (S.C.A.R.S) Apply
  • TransPerfect
    Full Time
    Francistown, Central District, Botswana

    TransPerfect DataForce is an unmatched network of in-country professionals that provides data to make AI systems smarter. With over 350,000 global experts, we collect and annotate data used by our clients to offer a superior AI-enabled cus
  • UNOPS
    Español
    Puerto Cabezas, Región Autónoma del Atlántico Norte, Nicaragua

    Functional Responsibilities:El/La Asociado/a de de Adquisiciones reportará a el/la Oficial de Adquisiciones y trabajará en estrecha coordinación con los/as miembros del área en las funciones especificadas a continuación: Servicios de
  • Bilfinger
    Español
    Nicaragua

    Korrosionsschützer (m/w/d) für unsere Betriebsstätte KKW Emsland Lingen Standort: LingenDie Bilfinger arnholdt GmbH in Oberhausen ist eine Tochtergesellschaft der Bilfinger SE aus dem Geschäftsfeld der Engineering & Maintenance und geh
Guías Online