DescriptionNOTE: This position will be located at our Austin, TX Headquarters. This is a flex position requiring 3 days a week in office. There is NO sponsorship for this role.
Overview
As part of OracleNetSuite’s Threat and Vulnerability Management Team, the Principal Security Engineer plays a crucial role in the identification, analysis, reporting, and remediation of security vulnerabilities across several NSGBU product lines.
Responsibilities
- Continuously monitor emerging threats and vulnerability disclosures to proactively identify and assess potential impacts on the organization
- Thoroughly analyze and prioritize vulnerabilities based on risk and potential impact to the organization, providing actionable recommendations to stakeholders
- Document findings and risks in executive summaries to facilitate clear communication with stakeholders
- Collaborate with engineering and operations teams to develop and implement effective remediation strategies, ensuring vulnerabilities are addressed in a timely manner
- Lead the integration of automated vulnerability scanning and management tools to streamline processes and improve the team’s overall efficiency
- Provide guidance and mentorship to junior security engineers and analysts, fostering a culture of continuous learning within the team
- Create and present reports on vulnerability status, trends, and metrics to senior management and other stakeholders, highlighting areas for improvement and progress
- Develop templates, procedures, and guidelines for vulnerability management
Qualifications
- Bachelor’s degree in Computer Science, Information Security, or a related field
- 8+ years of experience in information security or security assurance/compliance, with a strong focus on vulnerability management
- Expertise in vulnerability assessment tools (Qualys, Nessus, Rapid7) and issue tracking tools (Jira, Confluence)
- Strong knowledge of technology and security topics, including network security, infrastructure hardening, security baselines, web server security, application security, and database security
- Strong understanding of security frameworks (NIST, OWASP)
- Knowledge of industry and regulatory requirements (PCI, ISO)
- Familiarity with scripting languages (Python, Bash) for automation of vulnerability management processes
- Strong analytical and problem-solving skills, with a proactive approach to identifying and addressing security issues
- Excellent communication and interpersonal skills, with the ability to convey complex technical information to diverse audiences
- Highly self-motivated and directed
- Ability to travel 10% of the time
Career Level - IC4
Responsibilities.
QualificationsDisclaimer:
Certain US customer or client-facing roles may be required to comply with applicable requirements, such as immunization and occupational health mandates.Range and benefit information provided in this posting are specific to the stated locations onlyUS: Hiring Range: from $109,100 to $223,500 per annum. May be eligible for bonus and equity.
Oracle maintains broad salary ranges for its roles in order to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect Oracle’s differing products, industries and lines of business.
Candidates are typically placed into the range based on the preceding factors as well as internal peer equity.
Oracle US offers a comprehensive benefits package which includes the following:
1. Medical, dental, and vision insurance, including expert medical opinion
2. Short term disability and long term disability
3. Life insurance and AD&D
4. Supplemental life insurance (Employee/Spouse/Child)
5. Health care and dependent care Flexible Spending Accounts
6. Pre-tax commuter and parking benefits
7. 401(k) Savings and Investment Plan with company match
8. Paid time off: Flexible Vacation is provided to all eligible employees assigned to a salaried (non-overtime eligible) position. Accrued Vacation is provided to all other employees eligible for vacation benefits. For employees working at least 35 hours per week, the vacation accrual rate is 13 days annually for the first three years of employment and 18 days annually for subsequent years of employment. Vacation accrual is prorated for employees working between 20 and 34 hours per week. Employees working fewer than 20 hours per week are not eligible for vacation.
9. 11 paid holidays
10. Paid sick leave: 72 hours of paid sick leave upon date of hire. Refreshes each calendar year. Unused balance will carry over each year up to a maximum cap of 112 hours.
11. Paid parental leave
12. Adoption assistance
13. Employee Stock Purchase Plan
14. Financial planning and group legal
15. Voluntary benefits including auto, homeowner and pet insurance
The role will generally accept applications for at least three calendar days from the posting date or as long as the job remains posted.