Oracle Security Engineer in Annapolis Junction, Maryland
Design, develop, troubleshoot and debug software programs for databases, applications, tools, networks etc.
As a member of the software engineering division, you will apply basic to intermediate knowledge of software architecture to perform software development tasks associated with developing, debugging or designing software applications or operating systems according to provided design specifications. Build enhancements within an existing software architecture and occasionally suggest improvements to the architecture.
Duties and tasks are standard with some variation; displays understanding of roles, processes and procedures. Performs moderately complex problem solving with assistance and guidance in understanding and applying company policies and processes. BS degree or equivalent experience relevant to functional area. 1 year of software engineering or related experience.
Oracle is an Affirmative Action-Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability, protected veterans status, age, or any other characteristic protected by law.
About the Team:
The OCI WAF Cyber Security Intelligence Response Team (OCI WAF CSIRT) is responsible for responding to and managing customer, platform security incidents and researching threat tactics, techniques, and procedures. You will be exposed to a myriad of web architectures protected by Oracle s application delivery and security service networks. You will identify the changing landscape of adversarial actions, tailor defenses to match them, and react to ongoing incidents. You will train other responders & teams to enable global scalability and tackle the hardest challenges of Internet Web security. You will be exposed to new technologies and ideas and be expected to learn them quickly and then be able to teach them to others./You will find your ideas challenged and have to defend them with sound logic and evidence and have the pleasure of working with others held to the same standards./
This individual will be responsible for quality assurance and contributing to threat intelligence services within the organization. This individual will be focused on deep packet inspection, DDoS BOTNET validation, WAF investigations, security incident SME support, security research, proactive intelligence framework monitoring and protection, and will participate in tool development within the research environment. This position will also be responsible for forensic cases as assigned, will participate in all research papers that are published by OCIWAF CSIRT to include Threat Advisories, White Papers, and post mortem incident reports.* *
We seek women and men who share our values, thrive in a team environment, and recognize the importance of accountability; people who strive to exceed expectations to ensure our Clients' success.
We are currently seeking a CSIRT Security Analyst to join our team. The Security Analyst is responsible for investigating security incidents supporting all OCI departments & Customers.
This role requires experience in all phases of Cyber Security Incident Response including preparation, analysis, notification, response, recovery, and post-mortem.
The Security Response Center is responsible for coordinating with SOC, DevOPs, and other appropriate business teams to gather incident details, assess impact, and coordinate response. This role interacts with all levels of the organization and is viewed as a subject matter expert.
The focus of the role is primarily responding to security incidents, managing and consistently maturing the security incident response process to meet the needs of OCI, and building the Cyber Security Incident Response Team's technical investigative capabilities (process & technology)
- Enforce enterprise information assurance and security standards.
Identify, report and resolve security violations.
Assist customers & SOC to satisfy information assurance and security requirements based upon the analysis of user and policy demands.
Assist customers & SOC to effectively implement corporate security policies on existing information system.
Evaluate information security solutions and processes to provide recommendations supporting OCI WAF security standards.
Analyze and assess security incidents and escalate to appropriate internal teams for additional assistance.
Utilize internal guidelines to properly fulfill client requests and resolve incidents received via e-mail or internal ticketing systems in a timely and detail-oriented manner.
Manage all customer interactions in a professional manner with a strong emphasis on customer satisfaction.
Operate, configure and troubleshoot network intrusion detection devices and other security systems. Perform vulnerability/risk analysis of computer systems and applications as directed.
Participate in, or work directly on additional projects, assignments or initiatives as required
1-3 years of professional experience (1 year directly related to Security Operations Role or functional area) or equivalent combination of education/experience.
Strong knowledge of networking fundamentals.
Familiarization with common protocols and services (FTP, HTTP, SSH, SMB, LDAP, etc.)
Experienced with command-line interfaces.
Experience in DDoS and WAF
Strong experience in Packet analysis tools (TCPDump, Wireshark, ngrep, etc.)
Excellent command of English, both written and verbal.
Excellent problem-solving skills with the ability to diagnose and troubleshoot technical issues. Customer-oriented with a strong interest in customer satisfaction.
The ability to learn new technologies and concepts quickly.
Must possess either one or more of the following certifications CEH, CHFI, CISA, etc. Experience in Log and Event analysis and data correlation
Familiarity with various types and techniques of cyber-attacks
Job: *Product Development
Title: Security Engineer
Location: United States
Requisition ID: 200000ZM