Principal Security Software Engineer

Principal Security Software Engineer at Oracle in Boise, Idaho, United States Job Description Job Description About Us We analyze critical researcher-reported security issues in hundreds of Oracle products, conduct detailed analysis, own the corporate internal tooling to manage vulnerabilities for Oracle products and cloud services, and drive distribution of security patches through our quarterly security advisories. We work across the entire organization with everyone from a developer to an executive. What you'll do: + Perform code reviews across Oracle product suite(s) to ensure patch quality for critical security issues. + Conduct independent detailed security research on vulnerabilities, assess their risk/impact on Oracle products/cloud services, draw insights, and communicate findings/analysis to management. + Conduct independent, detailed security research on new and emerging classes of software vulnerabilities, the remediation strategies, and likelihood of short-term exploitation. + Find patterns across proof-of-concepts with the aim of preventing vulnerability classes from re-occurring. + Work with the detection engineering teams across Oracle to help create detection/prevention rules for critical vulnerabilities. + Develop tools that help find, analyze, and prevent vulnerabilities in Oracle products. + Develop tools for managing vulnerabilities, improving efficiency, providing visibility, and measuring effectiveness. + Collaborate with development in the triage, analysis, resolution of product vulnerabilities. Career Level - IC4 Responsibilities Who you are: + You have a BA/BS/MS in Computer Science/Engineering + You have discovered vulnerabilities in open-source projects or participated in CTFs competitions. + You have a solid grasp of secure coding standards, security vulnerabilities, cloud/web application security threats, risk models, and security testing. + You are proficient in coding in Java and have experience with relational databases. + You are passionate about security, have the drive to learn new things, and have a good understanding of underlying OS and networking concepts. + You have excellent project management, analytical, multi-tasking, and verbal/written communication skills. Disclaimer: Certain US customer or client-facing roles may be required to comply with applicable requirements, such as immunization and occupational health mandates. Range and benefit information provided in this posting are specific to the stated locations only US: Hiring Range: from $94,200 to $22 To view full details and how to apply, please login or create a Job Seeker account