Remote- Principal Security Engineer- CSSLP
Cloud Security EngineerMust haveA' CSSLP CertificationNeeds to be a US CitizenCan be located anywhere in the USA' Are you a top-notch Security Engineering guru who wants a career that marries your passion for solving challenging security problems with a worthwhile purpose, like saving our planet? Imagine yourself coming to work everyday to tackle humanitys greatest energy challenges.
In Oracles Utilities Global Business Unit (UGBU) our mission is to lay the foundation for utilities innovation by building cutting edge cloud and big data products.
Our energy efficiency products are disrupting the way power is supplied, consumed, billed and operates.
Oracle is uniquely positioned in this space b/c we bring together a worldwide team of utilities experts focused on developing complete end-2-end business solutions, software applications, server, middleware and storage products.
As a result, we are providing utilities with the flexibility, operational efficiencies and technology to innovate and achieve performance excellence.
A' A' A' A' Job SummaryThis position will work closely with cross functional development teams across our Utilities Global Business Unit to continually improve software security, provide solutions to improve overall system quality.
A' Define and improve process, practice and identify tools in support of product development, delivery (CI/CD) and automation to improve security and quality.
A' Partner with our product teams to achieve Oracle Software Security Assurance program objectives such as security best practices, secure coding standards, perform architectural risk analysis and threat modeling, conduct security testing, and support the identification, interpretation, and remediation of vulnerabilities across a variety of applications.
A' Responsibilities-Establish best processes and practices to meet security, compliance, and audit requirements.
Conduct application security testing, source code reviews & threat analysis.
-Demonstrate expert knowledge of latest security vulnerabilities, threats, attack surface, and remediation techniques.
-Track open security issues and follow up with different teams to address the issues.
-Deploy security solutions in development and cloud environments.
-Develop procedures to automate security tasks during the build and deployments.
-Mentor and train the development team on security best practices and processes.
-Ensure 3rd-party software meets Oracle supply chain security standards.
A' Requirements & Qualifications-7 years of software engineering and 4 years of Application Security or related experience.
-BS or MS degree or equivalent experience relevant to functional area.
-Expertise with browser security controls, application security standards such as OWASP ASVS/Top 10, CWE 25 andA' vulnerability handling and scoring with CVSS.
-Fluent with security testing including SAST, DAST, penetration and Fuzz testing.
-Strong knowledge of technology and security topics including application security, infrastructure hardening, cryptography, secret management and service authentication (SAML, OAUTH).
-Must have significant security development and/or security assurance experience.
Experience in effective implementation of Software Security Development Lifecycle and software maturity model.
-Familiar with Security tools like Fortify, BurpSuite, QualyGuard, ZAP.
Experience with CI/CD tools like git/svn, Jenkins/Hudson, Nexus, Maven, Ant, Artifactory, SonarQube.
Good understanding of DevSecOps in maintaining security in CI/CD processes.
Experience with Docker, Microservices and container deployment and service orchestration.
Hands-on scripting and coding experience in one or more programming languages such as Java, JavaScript, Groovy, shell, Perl.
Knowledge of platforms (Linux/Unix and Windows).
Experience in developing, documenting, and maintaining security procedures.
Ability to clearly and effectively communicate concerns, issues to other teams.
.
Estimated Salary: $20 to $28 per hour based on qualifications.
In Oracles Utilities Global Business Unit (UGBU) our mission is to lay the foundation for utilities innovation by building cutting edge cloud and big data products.
Our energy efficiency products are disrupting the way power is supplied, consumed, billed and operates.
Oracle is uniquely positioned in this space b/c we bring together a worldwide team of utilities experts focused on developing complete end-2-end business solutions, software applications, server, middleware and storage products.
As a result, we are providing utilities with the flexibility, operational efficiencies and technology to innovate and achieve performance excellence.
A' A' A' A' Job SummaryThis position will work closely with cross functional development teams across our Utilities Global Business Unit to continually improve software security, provide solutions to improve overall system quality.
A' Define and improve process, practice and identify tools in support of product development, delivery (CI/CD) and automation to improve security and quality.
A' Partner with our product teams to achieve Oracle Software Security Assurance program objectives such as security best practices, secure coding standards, perform architectural risk analysis and threat modeling, conduct security testing, and support the identification, interpretation, and remediation of vulnerabilities across a variety of applications.
A' Responsibilities-Establish best processes and practices to meet security, compliance, and audit requirements.
Conduct application security testing, source code reviews & threat analysis.
-Demonstrate expert knowledge of latest security vulnerabilities, threats, attack surface, and remediation techniques.
-Track open security issues and follow up with different teams to address the issues.
-Deploy security solutions in development and cloud environments.
-Develop procedures to automate security tasks during the build and deployments.
-Mentor and train the development team on security best practices and processes.
-Ensure 3rd-party software meets Oracle supply chain security standards.
A' Requirements & Qualifications-7 years of software engineering and 4 years of Application Security or related experience.
-BS or MS degree or equivalent experience relevant to functional area.
-Expertise with browser security controls, application security standards such as OWASP ASVS/Top 10, CWE 25 andA' vulnerability handling and scoring with CVSS.
-Fluent with security testing including SAST, DAST, penetration and Fuzz testing.
-Strong knowledge of technology and security topics including application security, infrastructure hardening, cryptography, secret management and service authentication (SAML, OAUTH).
-Must have significant security development and/or security assurance experience.
Experience in effective implementation of Software Security Development Lifecycle and software maturity model.
-Familiar with Security tools like Fortify, BurpSuite, QualyGuard, ZAP.
Experience with CI/CD tools like git/svn, Jenkins/Hudson, Nexus, Maven, Ant, Artifactory, SonarQube.
Good understanding of DevSecOps in maintaining security in CI/CD processes.
Experience with Docker, Microservices and container deployment and service orchestration.
Hands-on scripting and coding experience in one or more programming languages such as Java, JavaScript, Groovy, shell, Perl.
Knowledge of platforms (Linux/Unix and Windows).
Experience in developing, documenting, and maintaining security procedures.
Ability to clearly and effectively communicate concerns, issues to other teams.
.
Estimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
