Descripción:

All over the world, people's lives are better because of Oracle. Want to make a difference? Join our company of change-makers.

From Oracle to culinary school and back again. Bonnie Carlson Kaypaghian uses the skills she learned to create recipes for her daughter’s Type 1 Diabetes and has written a cookbook to share with the world. #LifeatOracle

Senior SOC Engineer-21000CV4Applicants are required to read, write, and speak the following languages:English Preferred Qualifications

Sr. SOC Engineer

We are seeking a Sr. SOC Engineer to join the Oracle+NetSuite Security team responsible for securing systems, infrastructure, services and data. The Security Operations Center Analyst will use data collected from a variety of information security tools and sources (including intrusion detection system alerts, firewall and network traffic logs, and host system logs) to analyze events that occur within the enterprise, perform threat analysis, and handle response activities related to potential security incidents.

The candidate must be able to routinely evaluate priorities based on the dynamic nature of the environment. The role requires close collaboration with peers across multiple geographic regions to discuss issues, solutions, and investigations. Partnership with multiple internal security, operations, and business teams is paramount for success and overall improvement of security operations. Mentoring is highly encouraged to develop professional relationships and grow colleagues.

Responsibilities Include:

Respond to security potential incidents, draft comprehensive incident reports, document and execute lessons learned

Identify security events requiring immediate escalation and response

Document and communicate analysis of research and findings to peers and leadership

Monitor and analyze security events, network traffic, and security alerts across the enterprise

Perform advanced analysis of security events and alerts

Correlate events from multiple sources during investigations

Assist with ongoing development and improvement of processes, detection capabilities, and response procedures to improve overall SOC functions

Conduct investigations of potential intrusion attempts to determine remediation actions and escalation paths

Facilitate meetings to collaborate with internal teams to identify, resolve, and mitigate attacks and exploits

Perform incident response and handling following documented procedures

Track investigation activities during an incident, including identifying next steps, spanning across multiple shifts

Monitor external data sources to maintain awareness of threat condition and determine which security issues may have an impact on the enterprise

Lead a team of junior analysts

Required Skills and Experience:

Knowledge of security controls including network security technologies (IDS, IPS, firewall, WAF, and RASP), OS hardening, file integrity monitoring, authentication

Strong understanding of system and network security threats and vulnerabilities

Hands-on experience with TCP/IP and data packet capture analysis, networking fundamentals, common network services, network vulnerabilities and network attack patterns

Experience in security event monitoring and triage, incident response, and/or system/network auditing

Hands-on experience using SIEM for data analysis and EDR tools for response purposes

Familiarity with network and endpoint security applications and tools including network scanning tools, NIDS/HIDS, firewalls and web proxies

Self-motivated, excellent analytical and problem solving and critical thinking skills

Exercise sound judgement calls for investigative purpose, including making the determination to close a case

Ability to proactively and clearly communicate with other technical and non-technical teams during investigations, lessons learned, and to learn about the environment

Experience writing detailed incident reports and updates on a regular basis

2+ years leading a team of analysts

5+ years as a SOC Analyst

10+ years in Information Technology preferably as a security engineer, system administrator, or network engineer

Bachelor’s degree in Computer Science, Computer Engineering, MIS, or related field

Effective time management skills by completing assignments or delivering updates within required deadlines

Preferred Skills and Experience:

Experience with Linux system administration, scripting, log parsing, vulnerability assessments/penetration testing, or vulnerability management

Scripting, programming knowledge and experience

Familiarity with industry recognized frameworks including but not limited to MITRE ATT&CK, ADS, NIST 800, and CIS

Recognized industry certification and/or continuing education programs are a major plus including GCIH, GCIA, CISSP, GCFA, GMON, GREM, GNFA

Advanced understanding of Unix & Windows functionality, access control, event logs and monitoring; application and network security

Working knowledge of forensics, incident response and threat hunting methodologies for a cloud service provider

Detailed Description and Job Requirements Responsible for the planning, design and build of security architectures; oversees the implementation of network and computer security and ensures compliance with corporate security policies and procedures.
Responsible for basic planning, design and build of security systems, applications, environments and architectures; oversees the implementation of security systems, applications, environments and architectures and ensures compliance with information security standards and corporate security policies and procedures.Assist in development of incident response capabilities, training, and tool validation.May research, evaluate, track, and manage information security threats and vulnerabilities in situations where analysis of well-understood information is required and where computer programming/scripting knowledge is required.May participate in an incident management team, responding to security events in line with Oracle incident response playbooks. Investigates purported intrusions and breaches, and oversees root cause analysis. Coordinates incidents with other business units and may assist the Incident Commander during serious incidents. Participates in developing new methods, and playbooks, as well as basic scripts, applications, and tools. Research industry trends and constantly assess current controls and threat posture of new and existing products and services.Recommend and implement new security controls across Oracle’s line of business (LOB).Improve current processes and workflows to minimize manual efforts.
Minimum of 5 years related experience in an information security role, supporting security programs and security engineering/architecture in complex enterprise environments. Hands on experience with enterprise security architecture, engineering and implementation required.Knowledge of compliance program security controls, like ISO 27001, SOC 2, HITRUST, and FedRAMP, as applied to cloud SaaS, PaaS and IaaS operations.Familiarity with SDLC principles and scripting & programming languages (such as Terraform, Python, Ruby, etc.).Preferred but not required qualifications include:Bachelor-level university degree in a relevant field from an accredited university, or equivalent. Experience in developing secure, scalable cloud architectures and distributed systems.Experience with high-level software design and development and the design, use, and deployment of automation and orchestration frameworks.Demonstrable scripting or programming experience.