Michigan IT Jobs

Mobile michigan-jobbank Logo

Job Information

Oracle Offensive Security Engineer (Principal) for OCI (JoinOCI-SDE) in Troy, Michigan

Design, develop, troubleshoot and debug software programs for databases, applications, tools, networks etc.

As a member of the software engineering division, you will take an active role in the definition and evolution of standard practices and procedures. You will be responsible for defining and developing software for tasks associated with the developing, designing and debugging of software applications or operating systems.

Work is non-routine and very complex, involving the application of advanced technical/business skills in area of specialization. Leading contributor individually and as a team member, providing direction and mentoring to others. BS or MS degree or equivalent experience relevant to functional area. 7 years of software engineering or related experience.

Oracle is an Affirmative Action-Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability, protected veterans status, age, or any other characteristic protected by law.

Offensive Security Engineer

Oracle Cloud Infrastructure Group (USA)

We're looking for hands-on cloud hackers with expertise and passion in identifying and exploiting complex security problems in distributed, multi-tenant services and infrastructure. Oracle Cloud Infrastructure (OCI) provides Infrastructure-as-a-Service. We operate distributed systems at a high scale, worldwide. These are the foundation of our cloud environment. Our customers run their businesses on our cloud, and our mission is to provide them with a best-in-class and ever-expanding set of cloud-based services.

Within OCI, the Offensive Security group conducts penetration tests, hardware security research, and operates our red team. We ensure the security of software and hardware that run our cloud infrastructure, and strive to continuously improve our security stance. The OCI Offensive Security group works as a team. We don't try to fit people into predefined roles. We bring together the right people who can enhance the capability of the team, and build roles around the person's skills and interests.

These are exciting times in our space. We are growing fast, still at an early stage and working on ambitious new initiatives. A security-focused engineer at any level can have significant technical and business impact. Come shape the future of one of the largest clouds on earth with us. Overall, OCI Offensive Security team performs a variety of work ranging from penetration testing, fuzzing, red-teaming and tool development.

Responsibilities

Some of our people have qualifications like the ones listed below. Our ideal candidate is passionate about security and furthering their knowledge every day. You enjoy diving into complex source code audits to reveal subtle security vulnerabilities, writing new tools such as fuzzers in languages such as C/C , Python, Ruby, Go or Java, tearing apart an undocumented file format or network protocol and coming up with novel techniques to solve unique and interesting security problems. We hope you like working at scale as much as we do much as we do, because Oracle has no shortage of it. You'll review new services, including their integration points with existing services. You'll also guide security projects beyond the scope of performing assessment work: identifying and disclosing vulnerabilities to 3rd party vendor or design of complex systems and services that improve quantity or quality of offensive security output.

Qualifications

  • 5 -10 years’ experience in vulnerability discovery / security engineering / application security

  • Experience working in a large cloud or software company

  • Demonstrated history of vulnerability discovery (CVEs, etc.) and rapid PoC development

  • Experience with multiple classes of security bugs

  • Evidence of participation in the Security community via contribution to open source projects, tool development, blog writing, or responsibly-published vulnerabilities.

  • Ability to effectively assess and communicate risks and appropriate levels of urgency to management and engineering staff

  • Ability to succeed via collaboration and working between internal and external organizations and individuals.

  • Excellent organizational, verbal and written communication skills

  • Intermediate knowledge of Linux OS Internals.

  • Intermediate knowledge of 1 programming language and ability to read 1-2 high level programming language such as Java

  • Bachelor’s degree in Computer Science, related field or equivalent work experience.

Qualifications

  • Must have at least 1 – 2 years’ experience in 3 or more of the following areas:

o Penetration testing

o Reverse engineering exploits

o Log analysis

o Operation of assessment tools: Burpsuite, Nessus, Fuzzers, etc.

o Script Writing

  • Previous roles with a security focus: Security Operations Center (SOC) Analyst, Vulnerability Management, DevOps, CICD, Software development, etc.

  • Intermediate use of Linux operating systems

  • Functional knowledge of 1 programming/scripting language and ability to read 1 low/high level programming language

  • Technical writing experience.

  • At least one of the following industry certifications: OSCP, OSCE, or equivalent.

Highly Desired:

  • Active TS/SCI Clearance

  • Bachelor’s degree in Computer Science, related field or equivalent work experience.

Job: *Product Development

Organization: *Oracle

Title: Offensive Security Engineer (Principal) for OCI (JoinOCI-SDE)

Location: OR,Oregon-Portland

Requisition ID: 20000Q3O

Other Locations: US-TX,Texas-Austin, United States

DirectEmployers