Senior Software Development Engineer - United Kingdom - Oracle

    Oracle
    Oracle United Kingdom

    1 month ago

    Default job background
    Description
    Senior Software Engineer for Security EHT
    UK, Remote

    Global Product Security's Ethical Hacking Team (EHT) is responsible for performing in-depth security assessments across Oracle's entire product and service portfolio.

    Over the years, the EHT has built a suite of pioneering security tools used for both finding vulnerabilities during assessments and improving the efficiency of teams tasked with triaging them.

    You will be responsible for the maintenance, improvement and growth of these tools, focusing on simplifying their usage and enhancing the experience for our end users.

    You will be working closely with another Software Engineer in the EHT and with our engineers spread across Oracle worldwide.

    Your contributions will add vital pieces to the foundations on top of which Oracle constantly improves security for its users and clients.


    Responsibilities:

    You will be responsible for all our security tools, written in Java, Python and Bash; you will maintain, update and enhance the codebases, as well as write plug-ins and automation scripts.

    You will embed cutting-edge security research techniques into our tools by reading academic papers and implementing relevant ideas.

    You will be responsible for supporting end users (bug fixing and enhancement requests) as well as producing documentation, presentations and reports on tools usage, highlighting success cases and ROI.

    Our ideal candidate is passionate about security and happy to dive deep into source implementations and complex security vulnerabilities to identify innovative ways to automate tests for them at the massive scale of a corporation like Oracle.

    You will learn from the rest of the EHT during real security assessments to gain expertise on state of the art attack techniques, sharpening your skills in security testing so that they can be re-used to improve EHT's tools.


    Requirements:
    Bachelor's or Master's degree in Computer Science or related field
    Combined 5 or more years of experience in security engineering and/or software development.
    Advanced Java knowledge, especially in multi-threading, Object Oriented paradigms (design patterns), REST, API and filesystem handling.
    Proficiency with one among Python , Go, Bash, C or C++. Ability to self-teach any language, given appropriate resources and practice time.
    Familiarity with data structures and distributed systems and Linux OS internals.
    Familiarity with networking protocols (e.g. IP, UDP, TCP,
    Excellent organizational, verbal and written communication skills.

    Experience with SQL database and database optimisation; NoSQL knowledge will be required for the job, and is a desired existing skill.

    Understanding of OWASP Top 10 and Secure Software Development LifeCycle.
    Prior experience with one of semgrep, codeql, valgrind, yara or other CI/CD tools is desirable.
    Prior DevOps or continuous delivery and deployment experience is desirable.
    Working physically in Reading as needed, is desirable but not essential.