DescriptionPerforms penetration testing and attack simulations on business critical infrastructure including internal servers, networks and applications to identify and resolve security flaws.
ResponsibilitiesRESPONSIBILITIES/ TASKS
• Conduct network and server layer penetration testing against Corporate Internet-facing and internal systems
• Conduct application-layer penetration testing against Corporate and customer software applications and webservices deployed globally
• Conduct rigorous penetration testing of Oracle’s latest generation Cloud Services (SaaS, PaaS, IaaS)
• Document technical issues identified during security assessments, and author formal reports
• Follow up on implementation of corrective actions from assessments
• Research security threats and attack vectors
• Develop novel tooling and techniques to enhance the team’s platform and capabilities
• Perform special security projects on an ad-hoc basis
• Perform other duties as assigned
QUALIFICATIONS
Required qualifications
• US Candidates: It will be an advantage if the candidate holds or is prepared to gain US Security Clearance: Oracle's commercial background investigation, plus NACLC and be willing to obtain MBI or SSBI as needed
• University degree from an accredited college/ university, or equivalent experience
• Professional certification: minimum OSCP, OSCE/ OSWE or equivalent preferred
• Experience in Information Security and technical aspects thereof, CISSP certification preferred
• Prior experience with systems development, systems administration, or network administration, 3 years minimum preferred
• Previous hands-on experience in automated and manual penetration testing (infrastructure and web app/ service), 5 years minimum preferred
• Scripting/ programming experience (BASH, PowerShell, Python, C, Assembler) is an advantage
• Knowledge of Information Security standards and access controls such as ISO27001/2 and PCI DSS
• Strong organizational skills and detail-oriented, able to handle concurrent assignments
• Strong presentation, written and verbal communication skills in English
• Strong negotiation skills
• Self-starter and self-sufficient, doesn’t need to be micro-managed
• Excellent team player, willing to share knowledge and skills with peers
