Senior Application Security Engineer

As a Senior Application Security Engineer with a focus on Incident Investigation, you will be part of the Product Security team and work closely with NetSuite's SOC. You will be the Application Security expert in incident investigations, deep diving through logs and code to provide the best context to Incident Responders and the best remediation path to product teams. Your contributions will be key to securing multiple cloud services and promoting good security practices throughout Oracle.

What You'll Do:

• Lead incident investigations, coordinating different teams and making sure there's a steady pace to the remediation of the events.
• Find new and strengthen existing detections by participating in and leading threat hunts.
• Participate in and lead purple team exercises on various applications to strengthen our detection and response capabilities
• Determine the best strategy to remediate active security incidents in collaboration with Development and Security teams.
• Implement signature-based detections and mitigations within WAF and RASP solutions to secure our web applications.
• Build and manage tools/automation to improve our current workflows.
• Provide support to NetSuite's SOC with Application Security specific knowledge.
• Improve NetSuite's Incident Detection/Response mechanisms and streamline our internal processes.
• Cross-train and learn within and across focus groups.
• Perform proactive research to keep-up with the latest attacks and TTPs, and translate this into actionable input for our detection and response mechanisms.
• Collaborate with Application Security management on program direction, team growth, and addressing systemic security issues.

Your Qualifications & Skills:

• 4+ years in the field of Software Development, Security Engineering or Incident Response.
• Experience using Logging tools like OpenSearch or Elastic.
• Knowledge on how to operate/implement a WAF.
• Application security and/or Software Development expertise.
• Incident Response expertise or desire to learn.
• Strong ethics and understanding of ethics in information security.
• Capable of working independently while supporting a team environment.
• Ability to efficiently manage multiple tasks.
• Strong communication skills in English both to technical and executive audiences.

Why Oracle NetSuite? Innovation starts with inclusion at Oracle NetSuite. We are committed to creating a workplace where all kinds of people can be themselves and do their best work. It's when everyone's voice is heard and valued that we are inspired to go beyond what's been done before. An Oracle NetSuite career can span industries, roles, countries and cultures, giving you the opportunity to tackle new roles and challenges, while blending work and life.