Position Overview
Oracle's Customer Success Services (CSS) Organization is looking for a seasoned information security devops engineer with top-secret clearance to join our efforts in shaping the cloud services landscape across industry verticals and solving difficult problems by designing and building a suite of managed security services in Oracle's Classified Cloud for US National Security (ONSR).
Oracle's Customer Success Services (CSS) is a dynamic, high-impact division that ensures customer success and accelerates cloud adoption. As a key enabler of Oracle's cloud strategy, CSS is backed by strong executive sponsorship and offers a unique opportunity for security professionals.
As an integral team member, you will be responsible for designing, developing, implementing, and supporting efficient and scalable security solutions using third-party and Oracle technologies. Your in-depth knowledge of Oracle SaaS, PaaS, and IaaS offerings and proficiency in security best practices will drive success for Oracle and our customers. You will take an active role in the definition and evolution of standard practices and procedures. You will be responsible for the design and influence of applications and the tools and processes that comprise the CSS organization. You will work independently and closely with team members to solve day-to-day problems, create utilities and applications, and create a security platform of tools that benefits all of Oracle's CSS offerings. You need to be well-versed in every part of the software development process, including source code management, artifact deployment, package management, continuous integration, build and test automation, application deployment, and application monitoring.
Career Level - IC4
Characteristics
Expect Results: Consistently drives high standards for each individual, the team, and the organization to accomplish key goals.
Communicates and Influences: Communicates information and ideas to individuals and teams in an articulate, focused, and compelling way. Willing to offer intellectual mindshare.
Is Analytical and Instinctual: Compares information from multiple sources to identify core issues. Uses data to make decisions but also understands that instinct plays a part in innovating. Always uses good common sense combined with Emotional Intelligence.
Possesses Strong Technology and Architecture Acumen: In-depth understanding of technology, architecture leadership, and software development with the ability to draw from personal experience to make recommendations.
Key Responsibilities
Supports the strengthening of Oracle's security posture, focusing on one or more of the following: risk management; regulatory compliance; threat and vulnerability management; incident management and response; security policy development and enforcement; privacy; information security education, training, and awareness (ISETA); digital forensics and similar focus areas.
Risk Management: Brings advanced skills to assess the information security risk associated with existing and proposed business operational programs, systems, applications, practices, and procedures in complex, business-critical environments. May conduct and document very complex information security risk assessments. May assist in the creation and implementation of security solutions and programs.
Regulatory Compliance: Brings advanced skills to manage programs to establish, document, and track compliance to industry and government standards and regulations, e.g., ISO-27001, PCI-DSS, HIPAA, FedRAMP, GDPR, etc. Researches and interprets current and pending governmental laws and regulations, industry standards, and customer and vendor contracts to communicate compliance requirements to the business and participates in industry forums monitoring developments in regulatory compliance.
Threat and Vulnerability Management: This position uses advanced-level skills to research, evaluate, track, and manage information security threats and vulnerabilities in situations requiring in-depth analysis of ambiguous information.
Incident Management and Response: Bring advanced-level skills to respond to security events, identify possible intrusions, and respond in line with Oracle incident response playbooks. May operate as Incident Commander on serious incidents.
Digital Forensics: Brings advanced level skills to conduct data collection, preservation, and forensic analysis of digital media independently, where an advanced understanding of forensic techniques is required.
Other areas of focus may include:
Ideal Experience
Preferred Education
Advanced degree in computer science or related field.
*US Citizenship and currently holds (or can obtain) a Top Secret (TS)/SCI clearance for Critical-Sensitive Positions with polygraph (FSP).