Security Tooling Engineer in London

Job description

Job Description Global Product Security's Ethical Hacking Team (EHT) is responsible for performing in-depth security assessments across Oracle's entire product and service portfolio. Over the years, the EHT has built a suite of pioneering security tools used for both finding vulnerabilities during assessments and improving the efficiency of teams tasked with triaging them. You will be responsible for the maintenance, improvement and growth of these tools, focusing on simplifying their usage and enhancing the experience for our end users. You will be working closely with another Software Engineer in the EHT and with our engineers spread across Oracle worldwide. Your contributions will add vital pieces to the foundations on top of which Oracle constantly improves security for its users and clients. Responsibilities You will be responsible for all our security tools, written in Java, Python and Bash; you will maintain, update and enhance the codebases, as well as write plug-ins and automation scripts. You will embed cutting-edge security research techniques into our tools by reading academic papers and implementing relevant ideas. You will be responsible for supporting end users (bug fixing and enhancement requests) as well as producing documentation, presentations and reports on tools usage, highlighting success cases and ROI. Our ideal candidate is passionate about security and happy to dive deep into source implementations and complex security vulnerabilities to identify innovative ways to automate tests for them at the massive scale of a corporation like Oracle. You will learn from the rest of the EHT during real security assessments to gain expertise on state of the art attack techniques, sharpening your skills in security testing so that they can be re-used to improve EHT's tools. Requirements: Bachelor's or Master's degree in Computer Science or related field Combined 4 or more years of experience in security engineering and/or software development. Advanced Java knowledge, especially in multi-threading, Object Oriented paradigms (design patterns), REST, HTTP API and filesystem handling. Previous experience with one of semgrep, codeql, valgrind, yara or other CI/CD tools for dynamic inspection of source and/or binaries. Proficiency with one among Python, Go, Bash, C or C++. Ability to self-teach any language, given appropriate resources and practice time. Familiarity with data structures and distributed systems. Knowledge of Linux OS internals. Familiarity with networking protocols (e.g. IP, UDP, TCP, HTTP) and related security protocols (e.g. TLS, key exchange). Experience with SQL database and database optimisation; NoSQL knowledge will be required for the job, and is a desired existing skill Ability to participate in web, network and infrastructure penetration tests; practical knowledge of common web flaws (SQL injection, XSS, SSRF, upload/download abuse, RCE). Understanding of OWASP Top 10, security vulnerability handling and security research practices. Excellent organizational, verbal and written communication skills. Prior DevOps or continuous delivery and deployment CI/CD experience is desirable. Ability to join team meetings, working physically in Reading as needed, is preferable.

About Us As a world leader in cloud solutions, Oracle uses tomorrow's technology to tackle today's problems. True innovation starts with diverse perspectives and various abilities and backgrounds. When everyone's voice is heard, we're inspired to go beyond what's been done before. It's why we're committed to expanding our inclusive workforce that promotes diverse insights and perspectives. We've partnered with industry-leaders in almost every sector-and continue to thrive after 40+ years of change by operating with integrity. Oracle careers open the door to global opportunities where work-life balance flourishes. We offer a highly competitive suite of employee benefits designed on the principles of parity and consistency. We put our people first with flexible medical, life insurance and retirement options. We also encourage employees to give back to their communities through our volunteer programs. We're committed to including people with disabilities at all stages of the employment process. If you require accessibility assistance or accommodation for a disability at any point, let us know by calling +1 888 404 2494, option one. Disclaimer: Oracle is an Equal Employment Opportunity Employer*. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans' status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law. * Which includes being a United States Affirmative Action Employer JBRP1_UKTJ

Extra information

Status

Closed

Education Level

Secondary School

Location

London

Type of Contract

Full-time jobs

Profession type

Scientific Services

Full UK/EU driving license preferred

No

Car Preferred

No

Must be eligible to work in the EU

No

Cover Letter Required

No

Languages

English