Security Engineer 4

Oracle Cloud Security Incident Response is looking for a Principal level analyst to join a global team of professionals that investigates suspected security incidents.  We are seeking a well-rounded experienced analyst that is capable of investigating artifacts throughout the entire technology stack to identify, mitigate, timeline, and remediate threats to Oracle's assets. A strong candidate will have experience performing forensic investigations for Network, Hardware, Software, Cloud Services, and Applications. Exposure to many commercial SIEM, EDR, AV, and Scan technologies is a must however, the candidate must understand the fundamentals of computer forensics to reduce reliance on any vendor specific security tooling.  If you are looking to uplevel your global impact and be part of a growing team of elite analysts, please apply.

Career Level - IC4

Responsible for leading investigations of suspected security incidents while seamlessly collaborating across Oracle teams and organizations at a global level.
Perform all aspects of the incident response lifecycle from containment/mitigation, through to reporting, recovery and remediation.
Identify and develop indicators of compromise and implement them into security tooling for scoping and mitigation.
Analyze host and network forensic artifacts for both windows and Linux systems to determine threat actor activity
Ability to build scripts to automate collection, processing, analysis, and triage tasks.  
Leverage logs and live host artifacts to identify reconnaissance, privilege escalation, lateral movement and execution.
Create timelines of attacker activity discovered throughout investigations to be included in final reports.
Write technical reports and documentation for all findings of an investigation.
Improve the incident response program by identifying gaps in coverage, tooling, training, documentation, compliance, and incident response capabilities.
Mentor Junior analysts on next steps during investigations and develop training for any new analysis techniques discovered.
Maintain current knowledge of threat attackers tactics techniques, and procedures and detection methods.
Demonstrate excellent technical written and verbal communications to lead investigations.
Independently work remotely utilizing VPN, remote desktop, email, chat, and video conferencing.

As a world leader in cloud solutions, Oracle uses tomorrow’s technology to tackle today’s challenges. We’ve partnered with industry-leaders in almost every sector—and continue to thrive after 40+ years of change by operating with integrity. 

We know that true innovation starts when everyone is empowered to contribute. That’s why we’re committed to growing an inclusive workforce that promotes opportunities for all.

Oracle careers open the door to global opportunities where work-life balance flourishes. We offer competitive benefits based on parity and consistency and support our people with flexible medical, life insurance, and retirement options. We also encourage employees to give back to their communities through our volunteer programs.

We’re committed to including people with disabilities at all stages of the employment process. If you require accessibility assistance or accommodation for a disability at any point, let us know by emailing accommodation-request_mb@oracle.com or by calling +1 888 404 2494 in the United States.

Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans’ status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law.