Principal Offensive Security Engineer
Description For Principal Offensive Security Engineer
The Oracle Cloud Infrastructure (OCI) Offensive Security team is seeking a Principal Offensive Security Engineer to ensure the security of their cloud systems and services. This role combines the excitement of a startup environment with the stability of a Fortune 100 company, offering significant growth potential and technical impact. The position involves working on large-scale distributed security systems, performing security assessments, vulnerability research, and developing security tools.
The ideal candidate will be a hands-on cloud security expert passionate about identifying and exploiting complex security problems in distributed, multi-tenant services. The role involves working with cutting-edge technologies including ExaLogic, ExaData, UltraSPARC, and various hypervisors, as well as performing firmware reverse engineering and developing custom fuzzing platforms.
As part of the OCI Offensive Security team, you'll contribute to ensuring the security of one of the largest cloud platforms globally. The team operates with a flexible structure that builds roles around each member's skills and interests, rather than fitting people into predefined positions. This approach allows for significant technical and business impact while working on challenging problems at massive scale.
The position offers competitive compensation, comprehensive benefits, and the opportunity to shape the security future of Oracle's cloud infrastructure. You'll be working in an environment that values continuous learning, equity, inclusion, and respect for all, while tackling some of the most complex security challenges in cloud computing.
Responsibilities For Principal Offensive Security Engineer
- Dive into complex source code audits to reveal security vulnerabilities
- Write new tools such as fuzzers in C/C++, Python, Ruby, Go or Java
- Review new services and their integration points
- Guide security projects and identify vulnerabilities
- Design complex systems that improve offensive security output
- Drive organization-wide improvement in engineering practices
- Perform security assessments of complex products
- Balance business and security risk
Requirements For Principal Offensive Security Engineer
- Six years experience in vulnerability discovery / security engineering
- Threat modeling experience of microservice architectures
- Experience working in a large cloud or software company
- Extensive research with multiple classes of security bugs
- Subject matter expert in at least one business-critical area
- Excellent organizational, verbal and written communication skills
- Intermediate knowledge of Linux OS Internals
- Advanced knowledge of one programming language
- Experience with cryptographic algorithms and standards
- Understanding of threat modeling and penetration testing
Benefits For Principal Offensive Security Engineer
- Medical, dental, and vision insurance
- Short term and long term disability
- Life insurance and AD&D
- Health care and dependent care Flexible Spending Accounts
- 401(k) Savings and Investment Plan with company match
- Flexible Vacation
- 11 paid holidays
- Paid sick leave
- Paid parental leave
- Adoption assistance
- Employee Stock Purchase Plan
Jobs Related To Oracle Principal Offensive Security Engineer
