Hardware/Firmware Topology & Offensive Security

The Oracle Cloud Infrastructure (OCI) team can provide you the opportunity to build and operate a suite of massive scale, integrated cloud services in a broadly distributed, multi-tenant cloud environment. OCI is committed to providing the best in cloud products that meet the needs of our customers who are tackling some of the world’s biggest challenges.

We offer unique opportunities for smart, hands-on security engineers with the expertise and passion to solve difficult problems in distributed highly available services and virtual infrastructure. At every level, our engineers have a significant technical and business impact designing and building innovative new systems to power our customer’s business critical applications. Our customers run their businesses on our cloud, and our mission is to provide them with the most secure cloud services.

The OCI Hardware Security group conducts Security assessments of the production hardware that runs our cloud, and develops the requirements for future Networking, Storage, Compute components. We work closely across Oracle, with third party vendors, and with standards organization to influence the next generation of hardware platform security. In addition to defining the best hardware, OCI HW Security knows that platform security also depends on how that hardware is used. To that end, HW Security also works closely with OCI's operations and engineering teams, constantly striving to improve Oracle Cloud's overall operational security posture by defining the supply chain and operational requirements to establish best practices for managing security for every device in our data centers.

A security-focused engineer at any level can have significant technical and business impact. Come shape the future of one of the largest clouds on earth with us. Overall, the OCI Security Architecture team performs a variety of work ranging from cloud security, application security, vulnerability analysis, threat modeling, and hacking/enterprise network penetration.

The biggest challenges for the team is the dynamic and fast growth of the business, driving us to improve our systems, tools, and automation to scale to our security expertise several orders of magnitude greater than what we can support today. We understand that software is living and needs investment. The challenge is making the right tradeoffs, communicating those decisions effectively, and crisp execution.

Career Level - IC4

• Develop and communicate requirements for new vendors and hardware (compute, storage, networking) 
• Perform architectural reviews, penetration testing, vulnerability analysis of compute infrastructure hardware such as

o   Servers (Intel, AMD and ARM)

o   Baseboard Management Controllers such as Oracle’s ILOM

o   UEFI and platform firmware

o   Smart NICS

o   Storage devices

o   Network controllers and other peripherals

Network hardware/firmware, topology and security expertise

• Provide consulting on security risk associated with compute hardware and firmware in the context of cloud usage
• Provide consulting and review of device sanitization as per NIST-800-88 R1 standards
• Provide standard operating procedures for safe use of compute hardware through its lifecycle i.e. provisioning, operations and reuse/decommission
• Skills Responsibilities displayed in the job posting Qualifications displayed in the job posting
•  Engage with Oracle Hardware Division and third party vendors to understand their roadmaps
• Create planning roadmaps to drive multi-year security improvements across the OCI Infrastructure
• Review or assess engineering changes, or revisions of, an existing component. E.g.: new firmware for a device, vendor revision of an existing device Identify and participate in external standards groups to drive improvements across the industry
• Consult development teams and third-party vendors in design and architecture of secure systems
• Champion and consult on secure development life-cycle practices 
• Communicate and educate Senior Management on key Security topics and directions

 

 

 

 

Range and benefit information provided in this posting are specific to the stated locations only

CA: Hiring Range in CAD from: $76,700 to $167,600 per annum.


Oracle maintains broad salary ranges for its roles in order to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect Oracle’s differing products, industries and lines of business.
Candidates are typically placed into the range based on the preceding factors as well as internal peer equity.

As a world leader in cloud solutions, Oracle uses tomorrow’s technology to tackle today’s challenges. We’ve partnered with industry-leaders in almost every sector—and continue to thrive after 40+ years of change by operating with integrity. 

We know that true innovation starts when everyone is empowered to contribute. That’s why we’re committed to growing an inclusive workforce that promotes opportunities for all.

Oracle careers open the door to global opportunities where work-life balance flourishes. We offer competitive benefits based on parity and consistency and support our people with flexible medical, life insurance, and retirement options. We also encourage employees to give back to their communities through our volunteer programs.

We’re committed to including people with disabilities at all stages of the employment process. If you require accessibility assistance or accommodation for a disability at any point, let us know by emailing accommodation-request_mb@oracle.com or by calling +1 888 404 2494 in the United States.

Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans’ status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law.