• Principal Offensive Security Research Engineer Jobs in United States Of America - 25122352

  • ORACLE
  • United States Of America, Usa

Job Description:

Principal Offensive Security Research Engineer - 190015QX

Preferred Qualifications

OCI Security - Security Instrumentation and Analysis Offensive Security Research Engineer About Oracle Cloud Infrastructure Oracle Cloud Infrastructure (OCI) operates a suite of massive scale, integrated cloud services in a broadly distributed, multi-tenant cloud environment to provide Infrastructure-as-a-Service to leading organizations around the globe The OCI team is committed to providing the best in cloud products that meet the needs of our customers who are tackling some of the worlds biggest challenges

We offer unique opportunities for smart, hands-on engineers with the expertise and passion to solve difficult problems in distributed highly available services and virtualized infrastructure At every level, our engineers have a significant technical and business impact designing and building innovative new systems to power our customers business critical applications

About OCI Offensive Security Team The Offensive Security team conducts penetration tests, red team activities, and security research on the hardware and software platforms within Oracle Cloud Infrastructure We ensure the security of software and hardware that run our cloud infrastructure and strive to continuously improve our security posture against the cybersecurity threat landscape

Were looking for hands-on cloud hackers with expertise and passion in identifying and exploiting complex security problems in distributed, multi-tenant services and infrastructure These are exciting times in our space - we are growing fast, still at an early stage, and working on ambitious new initiatives

The OCI Offensive Security team performs a variety of work ranging from penetration testing, red-teaming and tool development Come shape the future of one of the largest clouds on earth with us

To get you excited, here is a list of some of the projects over the last year this team has worked on

Big Iron hardware platforms - ExaLogic, ExaData, UltraSPARC, InfiniBand
Firmware reverse engineering of various hardware components
Developing custom fuzzing platforms and code-coverage analysis engines
Developing custom rules for static code analysis and code query engines
Security assessment of several hypervisors
Linux and Windows kernel mode vulnerability research

Security Research at OCI As part of the mission to secure our global infrastructure for customers, the Security Instrumentation and Analysis team is responsible for deep dive analysis of OCI core-services, development of fuzzing and code analysis technology, and zeroday vulnerability research on kernels, hypervisors, and third-party components Our team consists of industry leading subject matter experts in various parts of the cloud stack with a passion for finding bugs in the design and implementation of our services

Team responsibilities include code review, reverse engineering, and development of fuzzers and static analysis tools to identify new vulnerabilities in software Vulnerability triage and proof of concept exploit development to support the analysis of vulnerabilities Network tool development to probe and scan cloud services Additional responsibilities include demonstrating leadership in the security community through publishing open source tools, papers, presentations, and blog posts

Our ideal candidate is passionate about security and furthering their knowledge every day You enjoy diving into complex source code audits to reveal subtle security vulnerabilities, writing new tools such as fuzzers in languages such as C/C , Python, Ruby, Go or Java, tearing apart an undocumented file format or network protocol and coming up with novel techniques to solve unique and interesting security problems We hope you like working at scale as much as we do much as we do, because Oracle has no shortage of it

Essential Duties and Responsibilities

Perform software security analysis to discover new vulnerabilities
Create tools for the discovery and triage of vulnerabilities
Write detailed technical documentation on new vulnerabilities
Develop proof of concept exploits for testing and analysis
Reverse engineer binary applications, protocols and formats
Demonstrate leadership with the security community

Education and Work Experience

The Security Instrumentation and Analysis team is composed of senior security experts with long standing industry experience We also apply state-of-the-art research techniques that benefit from formal higher level education

Demonstrable experience with vulnerability research required
Strong application/product/software security background
Minimum of five years experience in information security or software development
Bachelors degree in CS, CE, or Mathematics preferred

Specialized Knowledge and Skills

Qualified candidates will have a collection of diverse skills including some of the following

Experience working in a large cloud or software company
Proficient in at least three programming languages C/C , Java, Python, Go, Rust, x64 assembler
Knowledge of system internals for Linux, Windows, and hypervisors
Knowledge of common file format and network protocol structures
Experience code auditing, reverse engineering, and software instrumentation
Experience with compiler plugins or program analysis algorithms
Exceptional analytical skills and problem solving skills
Excellent organization, decision making, and verbal and written communication skills
Ability to work independently with minimum supervision and to take on additional tasks as required
Ability to work with small teams to solve complex problems
A drive to succeed and a passion to solve difficult problems

Work Conditions

Moderate to high levels of stress may occur at times
Fast paced and rapidly changing environment
Extremely talented and experienced team members and mentors

Oracle is an equal opportunity employer OCI empowers a diverse team, and we strive to involve as many perspectives as possible in our innovation process All applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans status or any other characteristic other than merit

Detailed Description and Job Requirements

Design, develop, troubleshoot and debug software programs for databases, applications, tools, networks etc

As a member of the software engineering division, you will take an active role in the definition and evolution of standard practices and procedures You will be responsible for defining and developing software for tasks associated with the developing, designing and debugging of software applications or operating systems

Work is non-routine and very complex, involving the application of advanced technical/business skills in area of specialization Leading contributor individually and as a team member, providing direction and mentoring to others BS or MS degree or equivalent experience relevant to functional area 7 years of software engineering or related experience

Oracle is an Affirmative Action-Equal Employment Opportunity Employer All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability, protected veterans status, age, or any other characteristic protected by law

Job Product Development

Location US-WA,Washington-Seattle

Job Type Regular Employee Hire

Organization Oracle

Profile Summary:

Employment Type : Full Time
Eligibility : Any Graduate
Industry : Software Services, IT-Software
Functional Area : IT Software : Software Products & Services
Role : Software Engineer
Salary : As per Industry Standards
Deadline : 17th May 2020

Key Skills:

Would you like to try out these free online tutorials?

People who search this job also searched for the following Keywords

Sourced**

Salary trends based on over 1 crore profiles

View Salaries

All rights reserved © 2018 Wisdom IT Services India Pvt. Ltd DMCA.com Protection Status