Oracle Principal Information Security Analyst (Penetration Tester)-NSC in Phoenix, Arizona
Design, develop, troubleshoot and debug software programs for databases, applications, tools, networks etc.
As a member of the software engineering division, you will take an active role in the definition and evolution of standard practices and procedures. You will be responsible for defining and developing software for tasks associated with the developing, designing and debugging of software applications or operating systems.
Work is non-routine and very complex, involving the application of advanced technical/business skills in area of specialization. Leading contributor individually and as a team member, providing direction and mentoring to others. BS or MS degree or equivalent experience relevant to functional area. 7 years of software engineering or related experience.
Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans status or any other characteristic protected by law.
Oracle is an Affirmative Action-Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability, protected veterans status, age, or any other characteristic protected by law.
Are you interested inassuring the security of Oracle s current and next generation Cloud services? Does the prospect of conducting penetration tests across the entire estate of a global corporation excite you? Do you want to join a growing team within an evolving security/ risk landscape?
/_UNITED STATES clearance is needed for this role: Secret Clearance_/
Our team is tasked with delivering a global penetration testing program that covers every line of business within Oracle. As Oracle grows with new acquisitions, so we are growing and adapting to cover new estates and technologies within our program. Our goal is to ensure that Oracle is well positioned to face current and emerging threats to itself and its hosted customer data from any source.
We are looking for experienced hackers and pentesters with the enthusiasm and motivation to develop themselves further and join us in pushing our global team s capabilities to a new level. A track record of self-education and an ability to adapt comfortably to change is necessary, and will be supported by a formal training plan. The successful candidate will find themselves in a very supportive team of equal peers and will contribute fully to our pentesting platforms, tooling and evolving comprehensive methodologies.
This is an exciting opportunity to join a motivated team delivering a global penetration testing program.
Perform application-layer penetration testing against Corporate and customer software applications and webservices deployed globally
Conduct network and server layer penetration testing against Corporate Internet-facing and internal systems
Document technical issues identified during security assessments and incidents, and author formal reports
Participate in Red Team exercises directed against Oracle Lines Of Business world-wide
Follow up on implementation of corrective actions from assessments and incidents
Research security threats and attack vectors
Manage network forensics and incident response when assigned
Assist other GIS staff on specific projects and incidents as required
Perform special security projects on an ad-hoc basis
Perform other duties as assigned
Candidate must hold or be prepared to gain US Security Clearance
University degree from an accredited college, university, or equivalent
Professional certification: minimum OSCP/ CREST CRT or equivalent, CREST CCT Inf/App or equivalent preferred
Experience in Information Security and technical aspects thereof, CISSP certification preferred
Prior experience with systems development, systems administration, or network administration, 5 years minimum preferred
Previous hands-on experience in penetration testing and vulnerability assessment required, 5 years minimum preferred
Previous experience of automated web application testing, infrastructure testing, and manual exploitation testing required, 5 years minimum preferred
Scripting/ programming experience (BASH, PowerShell, Python, C, Assembler) is an advantage
Knowledge of web technologies and network communication methods
Familiarity with general application and network security concepts
Knowledge of Information Security standards and access controls such as ISO27001/2 and PCI DSS
Strong organizational skills and detail-oriented, able to handle concurrent assignments
Strong presentation, written and verbal communication skills in English
Strong negotiation skills
Self-starter and self-sufficient, doesn t need to be micro-managed
Excellent team player, willing to share knowledge and skills with peers
Job: *Product Development
Title: Principal Information Security Analyst (Penetration Tester)-NSC
Location: United States
Requisition ID: 20000PSZ