Software Development Intern-Product Security

Requirements:
•    The project can be executed remotely, if you live far from our offices. Our team can work from Oracle Reading (Thames Valley Park) or Oracle London (Moorgate). Ideally, a candidate able to be in the Reading office for 2 days a week would really maximise the added value of this experience. If the candidate wants to work on Hardware bugs, presence in Reading is a requirement (as Hardware testing equipment is only available in our Reading facilities)
•    Enrolled in Bachelor’s or Master’s degree course in Computer Science or related field
•    Interest in security with basic knowledge of one or more the following security topics: cryptography, web application security (OWASP TOP 10 or CWE TOP 30), memory corruption bugs
•    Proficiency in either Python, Java, go, bash or rust
•    Basic knowledge of Linux and ability to use the command line
•    Excellent organizational, presentation, verbal and written communication skills in English
•    Ability to achieve the given milestones and objectives with limited supervision
 

What’s in it for you? 
•    An extremely flexible working environment
•    This role will enable you to see the complete lifecycle of vulnerabilities, from inception as part of an assessment to the response of the development team and eventual deployment of patches. By developing tools to automate the vulnerability discovery process you will enhance the security of some of the world’s most sensitive data and systems
•    You will be able to experience how security is managed in a huge corporation, how different roles (Architect, Pentester, Defender, …) cooperate in real life, and, at the end of the experience, you will have much more info to decide your future path in Security.
•    EHT interacts with some of the most innovative areas of the company including Oracle Research Labs, Oracle Cloud Infrastructure (OCI), Netsuite, the Oracle RDBMS engineering and the Java teams. This role will allow you to see how security is approached in a global enterprise and how the most difficult challenges are addressed and solved.

 

Career Level - IC0

Responsibilities
The project selection will be made according to the past experience of the selected candidate and their interests. The project areas are:
1.    Implement scripts to detect software security defects in product binaries and installation media, to be executed by an internal Oracle framework
2.    Improve an EHT security tool or write a new one (fuzzer, Burp plugin, Python scapy script). Your additions will produce a feature that will require research on the detection and exploitation aspects of specific category of bugs (either Software or Hardware)
3.    Produce a proof-of-concept of a novel exploitation technique for a category of bug (either Software or Hardware)

As a world leader in cloud solutions, Oracle uses tomorrow’s technology to tackle today’s challenges. We’ve partnered with industry-leaders in almost every sector—and continue to thrive after 40+ years of change by operating with integrity. 

We know that true innovation starts when everyone is empowered to contribute. That’s why we’re committed to growing an inclusive workforce that promotes opportunities for all.

Oracle careers open the door to global opportunities where work-life balance flourishes. We offer competitive benefits based on parity and consistency and support our people with flexible medical, life insurance, and retirement options. We also encourage employees to give back to their communities through our volunteer programs.

We’re committed to including people with disabilities at all stages of the employment process. If you require accessibility assistance or accommodation for a disability at any point, let us know by emailing accommodation-request_mb@oracle.com or by calling +1 888 404 2494 in the United States.

Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans’ status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law.