What are the responsibilities and job description for the Security Researcher - Corporate Architecture position at Oracle?
**Job Description**
Responsible for the planning, design and build of security architectures; oversees the implementation of network and computer security and ensures compliance with corporate security policies and procedures.
Responds to security events, identifying possible intrusions and responding in line with Oracle incident response playbooks.
Assist in development of incident response capabilities, training, and tool validation.
Research industry trends and constantly assess current controls and threat posture of new and existing products and services.
Assists with basic planning, design and build of security systems, applications, environments and architectures.
Assist with the review and development of internal standards, guidelines, processes, and procedures and end-user guidelines and procedures.
Minimum of 2 years related experience as a security engineer, analyst, architect, consultant, or developer required.
Strong knowledge of security principles (network, database, infrastructure, application, and cloud), vulnerabilities, attack and defense methodologies, and a strong drive to continue to learn.
Familiarity with SDLC principles and scripting & programming languages (such as Terraform, Python, Ruby, etc.).
General knowledge of security frameworks (like CIS, OWASP, and NIST) and regulatory frameworks (like PCI DSS, HIPAA, and FedRAMP).
Preferred but not required qualifications include: Bachelor's degree in Computer Science. Experience with high-level software design and development and the design, use, and deployment of automation and orchestration frameworks. Demonstrable scripting or programming experience.
**Responsibilities**
**The Team:**
Want to take your career to the next level while having fun and working in a small, agile, and inquisitive team? Do you like breaking and securing code?
Our team is at the forefront of improving the security posture of Oracle offerings. We are not only invested in finding security vulnerabilities but also making sure they are fixed accurately and do not happen again. We value people who can use their skills and share their expertise to effect meaningful change both at the technical level as well as the process level. Our team members have a genuine excitement for and curiosity about security, as well as the desire to share knowledge and help everyone learn from the high technical and ethical standards that have been set.
**The Company:**
Oracle is the world's leading provider of business software. With a presence in over 175 countries, we are one of the biggest technology companies in the world. We're using innovative new technologies to take on real-world problems today! From advancing energy efficiency to reimagining online commerce, the work we do is not only redefining the world of business, it's helping advance governments, power nonprofits, and giving billions of people the tools they need to outpace change. For more information about Oracle (NYSE:ORCL), visit us at [ Link removed ] - Click here to apply to Security Researcher - Corporate Architecture
**What You'll Do:**
Your next project could be anything from static and dynamic analysis of a multi-node Java infrastructure, to writing a fuzzer for an undocumented network protocol or the grammar of a new programming language, to analysis and reverse engineering of firmware used in the thousands of servers supporting our cloud services. Creativity is highly valued; being able to find novel bugs and stitch them together to build something greater than the sum of their parts is essential in this role.
Scope and complete security assessments across a broad range of mobile, web, cloud services and cloud infrastructure code.
Perform in-depth security assessments using results from static and dynamic analysis.
Build testing tools to help engineering teams identify security-related weaknesses.
Collaborate with senior security researchers to determine impact, reporting and presentation of security issues you have identified.
**What You'll Bring (Objective Minimum Qualifications):**
To be considered for a role in our Software Assurance team, you need to meet these minimum qualifications; please ensure your application clearly addresses these qualifications:
Have a Bachelor's, Master's or PhD degree in Math, Physics, Computer Science, Cybersecurity or an equivalent science/engineering field by Aug 2023.
Have no more than 12 months of professional full-time work experience in the technology field (excluding internships, research and/or teaching assistant roles, and military experience).
Reside in the United States and/or attend a university in the US.
Able to obtain own work authorization in the US in 2023.
Are proficient (e.g. able to complete coding projects with no assistance) in at least one of the following programming languages: Go, Java, Python, C/C Have completed academic coursework, projects, internships, and/or research in Application Security, Cybersecurity and/or Information Security.
Have completed academic coursework, projects, internships, and/or research in at least one of the following areas: Application Security, Web/Mobile/Cloud Security, Ethical Hacking, Penetration Testing.
Are familiar with application security projects (e.g. OWASP Top 10) or tools (e.g. ZAP, Burp) through academic coursework, projects, internships, and/or research.
**Other Preferred Qualifications:**
Experience working in an Agile development environment.
Strong ethics and understanding of ethics in information security.
Ability to perform manual source code reviews in one of the aforementioned languages, or assisted review with code analysis tools such as CodeQL.
Knowledge of common vulnerabilities in different types of software and programming languages, including:
1. How to test for/exploit them
2. Real world mitigations that can be applied.
3. Some familiarity with using common security assessment tools and techniques in one or more the following categories:
4. Mobile Application Assessment (iOS / Android)
5. Reverse Engineering (e.g. IDA Pro/Ghidra/Radare2)
6. Fuzzing (e.g. Jazzer/AFL/Peach)
7. Web Application assessment (e.g. BurpSuite Proxy, ZAP, REST API testing)
8. Familiarity with vulnerability classification frameworks (e.g. OWASP Top 10).
9. Capable of working independently while supporting a team environment.
Ability to efficiently handle multiple tasks.
Strong communication skills in English.
**What We'll Give You:**
A team of very skilled and diverse personnel across the globe.
Opportunities for further education in software development and software security.
Experience to work in large enterprise codebases and systems for performing security analysis.
**Range and benefit information provided in this posting are specific to the stated location(s)**
New York City Pay Range: from $92,200 to $161,500 per annum; eligible for bonus and equity.
Colorado Pay Range: from $82,500 to $153,000 per annum; eligible for bonus and equity.
Oracle maintains broad salary ranges for its roles in order to account for variations in knowledge, skills, experience and market conditions, as well as reflect Oracle's differing products, industries and lines of business.
Candidates are typically placed into the range based on the preceding factors as well as internal peer equity.
Oracle offers a comprehensive benefits package which includes the following:
1. Medical, dental, and vision insurance, including expert medical opinion
2. Short term disability and long term disability
3. Life insurance and AD&D
4. Supplemental life insurance (Employee/Spouse/Child)
5. Health care and dependent care Flexible Spending Accounts
6. Pre-tax commuter and parking benefits
7. 401(k) Savings and Investment Plan with company match
8. Flexible paid time off (unlimited or accrued vacation and sick leave)
9. Paid parental leave
10. Employee Stock Purchase Plan
11. Adoption assistance
12. Financial planning and group legal
13. Voluntary benefits including auto, homeowner and pet insurance
**About Us**
As a world leader in cloud solutions, Oracle uses tomorrow's technology to tackle today's problems. True innovation starts with diverse perspectives and various abilities and backgrounds.
When everyone's voice is heard, we're inspired to go beyond what's been done before. It's why we're committed to expanding our inclusive workforce that promotes diverse insights and perspectives.
We've partnered with industry-leaders in almost every sector-and continue to thrive after 40 years of change by operating with integrity.
Oracle careers open the door to global opportunities where work-life balance flourishes. We offer a highly competitive suite of employee benefits designed on the principles of parity and consistency. We put our people first with flexible medical, life insurance and retirement options. We also encourage employees to give back to their communities through our volunteer programs.
We're committed to including people with disabilities at all stages of the employment process. If you would like accessibility assistance or accommodation for a disability at any point, let us know at
**Disclaimer:**
Certain US customer or client-facing roles may be required to comply with applicable requirements, such as immunization and occupational health mandates.
Oracle is an Equal Employment Opportunity Employer*. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans' status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law.
*** Which includes being a United States Affirmative Action Employer**
Responsible for the planning, design and build of security architectures; oversees the implementation of network and computer security and ensures compliance with corporate security policies and procedures.
Responds to security events, identifying possible intrusions and responding in line with Oracle incident response playbooks.
Assist in development of incident response capabilities, training, and tool validation.
Research industry trends and constantly assess current controls and threat posture of new and existing products and services.
Assists with basic planning, design and build of security systems, applications, environments and architectures.
Assist with the review and development of internal standards, guidelines, processes, and procedures and end-user guidelines and procedures.
Minimum of 2 years related experience as a security engineer, analyst, architect, consultant, or developer required.
Strong knowledge of security principles (network, database, infrastructure, application, and cloud), vulnerabilities, attack and defense methodologies, and a strong drive to continue to learn.
Familiarity with SDLC principles and scripting & programming languages (such as Terraform, Python, Ruby, etc.).
General knowledge of security frameworks (like CIS, OWASP, and NIST) and regulatory frameworks (like PCI DSS, HIPAA, and FedRAMP).
Preferred but not required qualifications include: Bachelor's degree in Computer Science. Experience with high-level software design and development and the design, use, and deployment of automation and orchestration frameworks. Demonstrable scripting or programming experience.
**Responsibilities**
**The Team:**
Want to take your career to the next level while having fun and working in a small, agile, and inquisitive team? Do you like breaking and securing code?
Our team is at the forefront of improving the security posture of Oracle offerings. We are not only invested in finding security vulnerabilities but also making sure they are fixed accurately and do not happen again. We value people who can use their skills and share their expertise to effect meaningful change both at the technical level as well as the process level. Our team members have a genuine excitement for and curiosity about security, as well as the desire to share knowledge and help everyone learn from the high technical and ethical standards that have been set.
**The Company:**
Oracle is the world's leading provider of business software. With a presence in over 175 countries, we are one of the biggest technology companies in the world. We're using innovative new technologies to take on real-world problems today! From advancing energy efficiency to reimagining online commerce, the work we do is not only redefining the world of business, it's helping advance governments, power nonprofits, and giving billions of people the tools they need to outpace change. For more information about Oracle (NYSE:ORCL), visit us at [ Link removed ] - Click here to apply to Security Researcher - Corporate Architecture
**What You'll Do:**
Your next project could be anything from static and dynamic analysis of a multi-node Java infrastructure, to writing a fuzzer for an undocumented network protocol or the grammar of a new programming language, to analysis and reverse engineering of firmware used in the thousands of servers supporting our cloud services. Creativity is highly valued; being able to find novel bugs and stitch them together to build something greater than the sum of their parts is essential in this role.
Scope and complete security assessments across a broad range of mobile, web, cloud services and cloud infrastructure code.
Perform in-depth security assessments using results from static and dynamic analysis.
Build testing tools to help engineering teams identify security-related weaknesses.
Collaborate with senior security researchers to determine impact, reporting and presentation of security issues you have identified.
**What You'll Bring (Objective Minimum Qualifications):**
To be considered for a role in our Software Assurance team, you need to meet these minimum qualifications; please ensure your application clearly addresses these qualifications:
Have a Bachelor's, Master's or PhD degree in Math, Physics, Computer Science, Cybersecurity or an equivalent science/engineering field by Aug 2023.
Have no more than 12 months of professional full-time work experience in the technology field (excluding internships, research and/or teaching assistant roles, and military experience).
Reside in the United States and/or attend a university in the US.
Able to obtain own work authorization in the US in 2023.
Are proficient (e.g. able to complete coding projects with no assistance) in at least one of the following programming languages: Go, Java, Python, C/C Have completed academic coursework, projects, internships, and/or research in Application Security, Cybersecurity and/or Information Security.
Have completed academic coursework, projects, internships, and/or research in at least one of the following areas: Application Security, Web/Mobile/Cloud Security, Ethical Hacking, Penetration Testing.
Are familiar with application security projects (e.g. OWASP Top 10) or tools (e.g. ZAP, Burp) through academic coursework, projects, internships, and/or research.
**Other Preferred Qualifications:**
Experience working in an Agile development environment.
Strong ethics and understanding of ethics in information security.
Ability to perform manual source code reviews in one of the aforementioned languages, or assisted review with code analysis tools such as CodeQL.
Knowledge of common vulnerabilities in different types of software and programming languages, including:
1. How to test for/exploit them
2. Real world mitigations that can be applied.
3. Some familiarity with using common security assessment tools and techniques in one or more the following categories:
4. Mobile Application Assessment (iOS / Android)
5. Reverse Engineering (e.g. IDA Pro/Ghidra/Radare2)
6. Fuzzing (e.g. Jazzer/AFL/Peach)
7. Web Application assessment (e.g. BurpSuite Proxy, ZAP, REST API testing)
8. Familiarity with vulnerability classification frameworks (e.g. OWASP Top 10).
9. Capable of working independently while supporting a team environment.
Ability to efficiently handle multiple tasks.
Strong communication skills in English.
**What We'll Give You:**
A team of very skilled and diverse personnel across the globe.
Opportunities for further education in software development and software security.
Experience to work in large enterprise codebases and systems for performing security analysis.
**Range and benefit information provided in this posting are specific to the stated location(s)**
New York City Pay Range: from $92,200 to $161,500 per annum; eligible for bonus and equity.
Colorado Pay Range: from $82,500 to $153,000 per annum; eligible for bonus and equity.
Oracle maintains broad salary ranges for its roles in order to account for variations in knowledge, skills, experience and market conditions, as well as reflect Oracle's differing products, industries and lines of business.
Candidates are typically placed into the range based on the preceding factors as well as internal peer equity.
Oracle offers a comprehensive benefits package which includes the following:
1. Medical, dental, and vision insurance, including expert medical opinion
2. Short term disability and long term disability
3. Life insurance and AD&D
4. Supplemental life insurance (Employee/Spouse/Child)
5. Health care and dependent care Flexible Spending Accounts
6. Pre-tax commuter and parking benefits
7. 401(k) Savings and Investment Plan with company match
8. Flexible paid time off (unlimited or accrued vacation and sick leave)
9. Paid parental leave
10. Employee Stock Purchase Plan
11. Adoption assistance
12. Financial planning and group legal
13. Voluntary benefits including auto, homeowner and pet insurance
**About Us**
As a world leader in cloud solutions, Oracle uses tomorrow's technology to tackle today's problems. True innovation starts with diverse perspectives and various abilities and backgrounds.
When everyone's voice is heard, we're inspired to go beyond what's been done before. It's why we're committed to expanding our inclusive workforce that promotes diverse insights and perspectives.
We've partnered with industry-leaders in almost every sector-and continue to thrive after 40 years of change by operating with integrity.
Oracle careers open the door to global opportunities where work-life balance flourishes. We offer a highly competitive suite of employee benefits designed on the principles of parity and consistency. We put our people first with flexible medical, life insurance and retirement options. We also encourage employees to give back to their communities through our volunteer programs.
We're committed to including people with disabilities at all stages of the employment process. If you would like accessibility assistance or accommodation for a disability at any point, let us know at
1.888.404.2494
, Option 1.**Disclaimer:**
Certain US customer or client-facing roles may be required to comply with applicable requirements, such as immunization and occupational health mandates.
Oracle is an Equal Employment Opportunity Employer*. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans' status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law.
*** Which includes being a United States Affirmative Action Employer**
Recommended Skills
- Agile Methodology
- Application Security
- Assessments
- Automation
- C (Programming Language)
- Cloud Computing
Salary : $92,200 - $161,500
Maintenance Worker - Full Time
Corporate -
Nashville, TN
Front Desk Clerk (3p - 11p Full Time or Part Time)
Corporate -
Nashville, TN
Front Office & Accounting Manager
Corporate -
Nashville, TN