Jobs
>
Reading

    Senior Principal Security Engineer - Reading, United Kingdom - Oracle

    Oracle
    Oracle Reading, United Kingdom

    Found in: Appcast UK C C2 - 5 days ago

    Default job background
    Technology
    Description
    Researcher

    Job Description


    Do you have a passion for high scale services and working with some of Oracle's most critical customers? We are seeking experienced, passionate, and talented security researchers who have genuine excitement for and interest in computer security and vulnerability research.

    You must relish the challenge of assessing large, complex software products.

    Creativity is highly valued; being able to find novel bugs and stitch them together to create something greater than the sum of their parts is essential in this role.

    Who We Are

    We are a world-class team of high calibre application security researchers and analysts who thrive on new challenges. We are an inclusive and diverse team with a full spectrum of experience distributed globally.

    We have the resources of a large enterprise and the energy of a start-up, working on a critical Greenfield software assurance project collaboratively with our cloud and mobile engineering teams.

    The Software Assurance organisation has the mission is to make application security and software assurance, at scale, a reality.

    We are a dedicated team, leveraging each other's insights and abilities to produce cutting edge solutions to difficult problems through automation and CI/CD.

    Join us to grow your career and create the future of software assurance at scale together.

    Responsibilities

    Work You'll Do


    As a member of our team, you will be responsible for planning and delivering in depth security assessments, architecting secure solutions, liaising with customers across a variety of products and services.

    Your next project could be anything from secure systems design, static and dynamic analysis of a multi-node Java infrastructure, to writing a fuzzer for an undocumented network protocol or the grammar of a new programming language, to analysis and reverse engineering of firmware used in the thousands of servers supporting our cloud services.


    Other responsibilities include:
    Designing and evaluating complex systems for computer security

    Scope and execute security assessments and vulnerability research

    Perform in-depth security assessments using results from static and dynamic analysis

    Create testing tools to help engineering teams identify security-related weaknesses

    Producing written evidence for external auditors

    Collaborate with engineering teams to help them triage and fix security issues

    Collaborate with operational security teams to define run books and perform threat hunting

    Mentor members of the team in computer and software security as a role model

    What You'll Bring

    Bachelor's or Master's degree in Computer Science or related field (e.g. Electrical Engineering)

    12+ years of relevant experience in one or more of the following areas: software/product security assessments, penetration testing, red teaming, web application assessments

    Interest in vulnerability research and exploit development

    Understanding of operating systems, CPU instruction sets and their associated security designs.

    Understanding of exploit mitigations (DEP, ASLR, CFG, PAC, CET, etc.)

    Experience of threat hunting and log and alert analysis

    Demonstrable experience in designing and evaluating complex systems for security.

    Aptitude for self-study, setting and achieving long term goals (for example, learning an unfamiliar programming language)

    Ability to effectively assess and communicate risks and appropriate levels of urgency to management and engineering staff.

    Excellent organisational, presentation, verbal, and written communication skills

    Nice to Have

    Experience working in a large cloud or Internet software company

    Proficiency with multiple programming languages, preferably Go, Java, Python or C/C++

    Ability to perform manual source code reviews in one of the aforementioned languages, or assisted review with code analysis tools such as CodeQL

    Experience navigating and working with extremely large codebases is also highly desirable

    Experience using common security assessment tools and techniques in one or more the following categories:

    Mobile Application Assessment (iOS / Android)

    Reverse Engineering (e.g. IDA Pro/Ghidra/Radare2)

    Fuzzing (e.g. Jazzer/AFL/Peach)

    Web Application assessment (e.g. Burp Suite Proxy, ZAP, REST API testing)

    Proven experience with security research including any published CVEs

    Experience developing proof of concept exploits bypassing modern exploit mitigations

    Active participant or organiser of Capture The Flag competitions

    Knowledge of common vulnerabilities in different types of software and programming languages, including:

    How to test for/exploit them

    Real world mitigations that can be applied

    Familiarity with vulnerability classification frameworks (e.g. OWASP Top 10, CVSS, MITRE CVE)

    What We'll Give You

    A team of very skilled and diverse personnel across the globe

    Ability to work in a flexible work from home arrangement

    Exposure to mind blowing large-scale cutting-edge systems

    The resources of a large, global operation while still having the small, start-up feel of a smaller team day to day

    Develop new skills and competencies working with our vast cloud product offerings

    Ongoing extensive training and skills development to further your career aspirations

    Incredible benefits and company perks

    An organisation filled with smart, enthusiastic, and motivated colleagues

    The opportunity to impact and improve our systems and delight our customers


    Responsible for expert planning, design and build of security systems, applications, environments and architectures; oversees the implementation of security systems, applications, environments and architectures and ensures compliance with information security standards and corporate security policies and procedures.


    Evaluates existing and proposed technical architectures for security risk, provides expert technical advice to support the design and development of secure architectures and recommends security controls to mitigate those risks.

    Evaluations of internal security architecture may include design assessment, risk assessment, and threat modeling.

    Provides expert technical advice and direction to support the design and development of secure architectures.

    Maintain expert proficiency in emerging trends in information security.


    Determine the best practices for the large-scale Big Data infrastructure used by some Oracle LOBs, including tooling, data architecture, and content.

    May lead incident management teams and provide expert level incident management expertise. Coordinates incidents with other business units and may act as incident commander of multiple serious incidents. Leads development of new methods, playbooks and provide thought-leadership related to incident management throughout Oracle.


    May provide leadership in an incident management team, bringing expert-level skills to respond to security events in line with Oracle incident response playbooks.

    Investigates purported intrusions and breaches, and oversees root cause analysis. Coordinates incidents with other business units and may act as Incident Commander on multiple serious incidents. Leads development of new methods, and playbooks, as well as highly sophisticated scripts, applications, and tools. Trains and mentors other staff, and may supervise incident management teams.


    Brings expert-level skills to research, evaluate, track, and manage information security threats and vulnerabilities in situations where in-depth analysis of ambiguous information is required, but no computer programming/scripting knowledge is required.

    Leads development of highly sophisticated scripts, applications, and tools, and trains others in their use.


    Focus on operational and strategic level tasks, and provide counsel and guidance to the junior level security operations engineers in the department.

  • Oracle

    Security Engineer

    Found in: Appcast UK C C2 - 1 day ago

    Oracle reading, United Kingdom Full time

    Responsible for the planning, design and build of SIEM detections; automation and SOC workflow enrichments. Strong understanding of current threat landscape, data ingest and telemetry requirements. · Experience with SIEM platforms such as Splunk, Azure Sentinel, Qradar, Exabeam, ...

  • Focus Resourcing Limited

    Cyber Security Engineer

    Found in: Ziprecruiter UK C2 - 5 hours ago

    Focus Resourcing Limited Reading, United Kingdom

    Job Description · Due to growth our client is seeking an experienced Cyber Security Engineer for their team in Reading. For this exciting role we are seeking an engineer who has gained knowledge and experience in web application security, web application firewalls, vulnerability ...

  • Oracle

    Security Engineer 4

    Found in: Appcast UK C C2 - 1 day ago

    Oracle Reading, United Kingdom Undefined

    Responsible for the planning, design and build of SIEM detections; automation and SOC workflow enrichments. Strong understanding of current threat landscape, data ingest and telemetry requirements. · Experience with SIEM platforms such as Splunk, Azure Sentinel, Qradar, Exabeam, ...

  • AWE

    Security Maintenance Engineer

    Found in: Jooble UK O C2 - 4 days ago

    AWE Reading, Berkshire, United Kingdom

    CALLING ALL SECURITY MAINTENANCE ENGINEERS · Would you like to work in a business which is critical to UK defence, UK Threat reduction and the UK's Nuclear deterrent? · This is a site-based role in the Reading/ Berkshire area so no more travelling over large distances to conduc ...

  • Energy Jobline CVL

    Installation Security Engineer

    Found in: Jooble UK O C2 - 5 days ago

    Energy Jobline CVL Reading, Berkshire, United Kingdom

    CCTV/Security Installation Engineer · We're currently on the lookout for a skilled and dedicated Integrated Security Systems Installation Technician to join our clients team. As an Installation Technician, your primary responsibility will be to ensure the flawless installation o ...

  • Oracle

    Principal Security Engineer

    Found in: Talent UK C2 - 1 day ago

    Oracle Reading, United Kingdom Regular Employee

    Responsible for the planning, design and build of SIEM detections; automation and SOC workflow enrichments. Strong understanding of current threat landscape, data ingest and telemetry requirements. · Experience with SIEM platforms such as Splunk, Azure Sentinel, Qradar, Exabeam, ...

  • RGB Network

    Fire & Security Engineer - Reading -

    Found in: Click to Hired UK C2 - 1 day ago

    RGB Network Reading, United Kingdom Permanent, Full time

    Fire & Security Engineer – Reading - £36,000 · RGB Network are currently representing a well-established and well-respected fire and security company who operate on a nationwide basis, although engineers are kept to local patches depending on where they're based. · Operating thro ...

  • RGB Network

    Fire and Security Systems Engineer

    Found in: Jooble UK O C2 - 1 day ago

    RGB Network Reading, Berkshire, United Kingdom

    Fire & Security Engineer - Reading - £36,000 · RGB Network are currently representing a well-established and well-respected fire and security company who operate on a nationwide basis, although engineers are kept to local patches depending on where they're based. · Operating thr ...

  • Oracle

    Senior Principal Security Engineer

    Found in: Talent UK C2 - 1 day ago

    Oracle Reading, United Kingdom Regular Employee

    Researcher · Job Description · Do you have a passion for high scale services and working with some of Oracle's most critical customers? We are seeking experienced, passionate, and talented security researchers who have genuine excitement for and interest in computer security an ...

  • Rapid7

    Senior Security Sales Engineer

    Found in: Talent UK C2 - 1 day ago

    Rapid7 Reading, United Kingdom

    As a Specialist Solutions Engineer at Rapid7, you will be responsible to work as a team, working across organizations, to partner and assist pre-sales to close strategic deals, improve our products, processes and procedures and be an advocate for our customers. You'll serve as a ...

  • Digital Waffle

    Security Cleared Data Cabling Engineer

    Found in: Appcast UK C2 - 1 day ago

    Digital Waffle Reading, United Kingdom Contract

    Position: Data Cabling Engineer (Temp/Contract/Freelance) · Department: Information Technology / Network Infrastructure · Location: M4 Corridor - Bristol, Swindon, Reading, Heathrow · Job Summary: We are seeking a skilled and dedicated Data Cabling Engineer to join our Informatio ...

  • Digital Waffle

    Security Cleared Data Cabling Engineer

    Found in: Jooble UK O L C2 - 2 days ago

    Digital Waffle Reading, Berkshire, United Kingdom

    Position: Data Cabling Engineer (Temp/Contract/Freelance)Department: Information Technology / Network InfrastructureLocation: M4 Corridor - Bristol, Swindon, Reading, HeathrowJob Summary: We are seeking a skilled and dedicated Data Cabling Engineer to join our Information Technol ...

  • HelpSystems LLC

    Senior Security Engineer

    Found in: Talent UK C2 - 1 day ago

    HelpSystems LLC Theale, United Kingdom Full time

    Problem Solvers. Proactive Protectors. Relentless Allies. · Ready to join us? Let's get started. · With the growing SaaS workload operating within cloud environments, we need strong Cloud Security Engineering leadership to align and enable the businesses goals. The Cloud Securi ...

  • HelpSystems LLC

    Sr. Security Engineer

    Found in: Talent UK C2 - 1 day ago

    HelpSystems LLC Theale, United Kingdom Full time

    Problem Solvers. Proactive Protectors. Relentless Allies. · Ready to join us? Let's get started. · Fortra has an exciting opportunity on the Corporate Security team for a Sr. Security Engineer. This role will focus on identifying novel threats impacting Fortra and devising stra ...

  • Aspect Resources

    Senior EC&I Engineer

    Found in: SonicJobs Direct Apply UK - 19 hours ago

    Aspect Resources Reading, United Kingdom Full time

    Role: Senior Design Engineer - EC&I · Location: Aldermaston, Reading (100% on site) · IR35: Inside · Rate: £63.29/hr (Umbrella) MAX · Duration: 18 Months · Security Clearance: SC · Minimum Requirement: · Design EC&I engineer – Senior · Low level to high level enclosures · Laser w ...

  • AWE Plc

    Maintenance & Reliability Engineer

    Found in: SonicJobs Direct Apply UK - 1 day ago

    AWE Plc Reading, United Kingdom

    Maintenance & Reliability Engineer · Location: Reading / Basingstoke Area · Package: £35,720 - £50,000 (depending on suitability) · As part of our People Promise, AWE (one of the best 25 big companies to work for in the UK) has a range of benefits to suit you. These include: · Ti ...

  • AWE Plc

    Senior Warhead Mechanical Engineer

    Found in: SonicJobs Direct Apply UK - 3 days ago

    AWE Plc Reading, United Kingdom

    AWE's Nuclear Threat Reduction team currently have an excellent opportunity for a Senior Mechanical Engineer responsible for the design, manufacture, assembly and validation on a broad range of engineering projects. · Location:Aldermaston, West Berkshire. We are located between ...

  • AWE Plc

    Mechanical Handling Senior Engineer

    Found in: SonicJobs Direct Apply UK - 19 hours ago

    AWE Plc Reading, United Kingdom

    AWE's Facility Design Authority is now recruiting for a Mechanical Handling Senior Design Engineer to provide guidance and advice that ensures utilities, infrastructure, engineering processes, equipment and facilities are compliant with legislation, standards and requirements ass ...

  • Morson Talent

    Plant Technician

    Found in: SonicJobs Direct Apply UK - 2 days ago

    Morson Talent Reading, United Kingdom Full time

    Position: Plant Technician Commercial Boilers (High Temperature Hot Water) · Location: Burghfield · Role: Permanent · Morson Talent is excited to present a fantastic opportunity for a Plant Operator to join a company that has received significant investment and operates on an ...

  • AWE Plc

    Warhead Mechanical Engineer

    Found in: SonicJobs Direct Apply UK - 3 days ago

    AWE Plc Reading, United Kingdom

    AWE's Nuclear Threat Reduction team currently have an excellent opportunity for a Mechanical Engineer responsible for the design, manufacture, assembly and validation on a broad range of engineering projects. · Location:Aldermaston, West Berkshire. We are located between Reading ...