Senior Application Security Engineer

BARCELONA, Spain

Oracle

Oracle offers a comprehensive and fully integrated stack of cloud applications and cloud platform services.

View all jobs at Oracle

Apply now Apply later

As a Senior Application Security Engineer with a focus on Incident Investigation, you will be part of the Product Security team and work closely with NetSuite’s SOC. You will be the Application Security expert in incident investigations, deep diving through logs and code to provide the best context to Incident Responders and the best remediation path to product teams. Your contributions will be key to securing multiple cloud services and promoting good security practices throughout Oracle.

 

What You'll Do

  • Lead incident investigations, coordinating different teams and making sure there’s a steady pace to the remediation of the events.
  • Find new and strengthen existing detections by participating in and leading threat hunts.
  • Participate in and lead purple team exercises on various applications to strengthen our detection and response capabilities
  • Determine the best strategy to remediate active security incidents in collaboration with Development and Security teams.
  • Implement signature-based detections and mitigations within WAF and RASP solutions to secure our web applications.
  • Build and manage tools/automation to improve our current workflows.
  • Provide support to NetSuite’s SOC with Application Security specific knowledge.
  • Improve NetSuite’s Incident Detection/Response mechanisms and streamline our internal processes.
  • Cross-train and learn within and across focus groups.
  • Perform proactive research to keep-up with the latest attacks and TTPs, and translate this into actionable input for our detection and response mechanisms.
  • Collaborate with Application Security management on program direction, team growth, and addressing systemic security issues.

 

 

Career Level - IC3

Your Qualifications & Skills

  • 4+ years in the field of Software Development, Security Engineering or Incident Response.
  • Experience using Logging tools like OpenSearch or Elastic.
  • Knowledge on how to operate/implement a WAF.
  • Application security and/or Software Development expertise.
  • Incident Response expertise or desire to learn.
  • Strong ethics and understanding of ethics in information security.
  • Capable of working independently while supporting a team environment.
  • Ability to efficiently manage multiple tasks.
  • Strong communication skills in English both to technical and executive audiences.

 

 

Nice to have

  • Programming experience with one or more programming languages (Java, JavaScript, Python, PHP, Perl, Ruby, Kotlin, Scala, C#, Golang, bash/zsh, C/C++). We're primarily a Java shop, but we work with multiple programming languages daily. B.S. in Computer Science, Computer Engineering, or related field, or commensurate experience.
  • Project coordination/project management skills.
  • Capable of designing, improving and implementing complex workflows.[PB1] 
  • Familiarity with application security projects (e.g. OWASP Top 10), tools (e.g. ZAP, Burp), and how to build safer software.
  • Recognized industry certification and/or continuing education programs are a major plus.
  • Experience or familiarity with other Appsec activities: threat modeling, pen-testing, bug bounty, code reviews, capture the flag (CTF)...
  • Contributions to open-source projects.

 

 

Why Oracle NetSuite?

Innovation starts with inclusion at Oracle NetSuite. We are committed to creating a workplace where all kinds of people can be themselves and do their best work. It’s when everyone’s voice is heard and valued that we are inspired to go beyond what’s been done before. An Oracle NetSuite career can span industries, roles, countries and cultures, giving you the opportunity to tackle new roles and challenges, while blending work and life. 

Oracle NetSuite is the world's best cloud-based, multi-tenant ERP (Enterprise Resource Planning) service with unified financials, supply chain, order management, omnichannel e-commerce...all in one platform!

 

 

We offer more than just a job!

  • Agile environment – Start-up culture backed by a strong enterprise
  • English-speaking environment and international team
  • Strong professionals around you that will help to accelerate your growth
  • High-impact learning culture: free access to online learning platforms and regular in-house training sessions
  • Flexible working hours
  • Private medical insurance and life insurance
  • Many other benefits depending on the country
  • Oracle NetSuite is an Equal Employment Opportunity Employer. We ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform crucial job functions, and to receive other benefits of employment.

 

 

 #LI-DNI

As a world leader in cloud solutions, Oracle uses tomorrow’s technology to tackle today’s problems. True innovation starts with diverse perspectives and various abilities and backgrounds.

When everyone’s voice is heard, we’re inspired to go beyond what’s been done before. It’s why we’re committed to expanding our inclusive workforce that promotes diverse insights and perspectives.

We’ve partnered with industry-leaders in almost every sector—and continue to thrive after 40+ years of change by operating with integrity.

Oracle careers open the door to global opportunities where work-life balance flourishes. We offer a highly competitive suite of employee benefits designed on the principles of parity and consistency. We put our people first with flexible medical, life insurance and retirement options. We also encourage employees to give back to their communities through our volunteer programs.

We’re committed to including people with disabilities at all stages of the employment process. If you require accessibility assistance or accommodation for a disability at any point, let us know by calling +1 888 404 2494, option one.

Disclaimer:

Oracle is an Equal Employment Opportunity Employer*. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans’ status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law.

* Which includes being a United States Affirmative Action Employer

Apply now Apply later

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  2  1  0

Tags: Agile Application security Automation Bash C Cloud Computer Science CTF E-commerce ERP Golang Incident response Java JavaScript Kotlin Oracle OWASP Perl PHP Product security Python Ruby Scala SOC Strategy TTPs

Perks/benefits: Career development Flex hours Health care Insurance Startup environment Team events

Region: Europe
Country: Spain

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.