- Which includes being a United States Affirmative Action Employer
-
Senior Engineer, Information Security
1 week ago
Cardinal Health Montpelier, United StatesCardinal Health · Senior Engineer, Information Security · Montpelier , · Vermont · Apply Now · Senior Engineer – Purple Team Working together, we can make a difference in healthcare for our customers and communities. Your contributions, along with colleagues around the world ...
-
Manager, Data Security Engineer
2 days ago
General Motors Montpelier, United StatesGeneral Motors · Manager, Data Security Engineer · Montpelier , · Vermont · Apply Now · This role is based remotely but if you live within a 50-mile radius of Austin, TX, Roswell, GA or Warren, MI, you are expected to report to that location three times a week, at minimum · ...
-
Security Engineer
5 days ago
The College Board Montpelier, United StatesThis job was posted by : For more information, please see: Technology Division, Cyber Security Operations Team · 100% Remote (working EST) · About the Team: · The Cyber Security Operations team is critical to the strategic foundation of our products, most notably the secure ...
-
Senior Security Engineer
1 week ago
Fastly Montpelier, United StatesFastly · Senior Security Engineer - Detection and Response · Montpelier , · Vermont · Apply Now · Fastly helps people stay better connected with the things they love. Fastly's edge cloud platform enables customers to create great digital experiences quickly, securely, and re ...
-
Cloud Security Engineer
3 weeks ago
National Life Group Montpelier, United StatesSenior Information Security Engineer · Job Summary: · Are you an experienced Information Security Engineer with a passion for protecting cloud infrastructures from cyber threats? Do you thrive on designing and implementing innovative security solutions to safeguard the confiden ...
-
Application Security Engineer
3 weeks ago
Travelers Insurance Montpelier, United StatesWho Are We? · Taking care of our customers, our communities and each other. That's the Travelers Promise. By honoring this commitment, we have maintained our reputation as one of the best property casualty insurers in the industry for over 160 years. Join us to discover a culture ...
-
FIM Security Engineer
2 weeks ago
Beacon Hill Staffing Group Montpelier, United StatesThis job was posted by : For more information, please see: 6-12 month Contract to Hire. · FULLY REMOTE · They are looking for someone who has File Integrity Monitoring (FIM) and familiarity with PCI and SOX compliance. The role is focused more on governance and compliance, no ...
-
FIM Security Engineer
2 weeks ago
Beacon Hill Staffing Group Montpelier, United StatesThis job was posted by : For more information, please see: 6-12 month Contract to Hire. · FULLY REMOTE · They are looking for someone who has File Integrity Monitoring (FIM) and familiarity with PCI and SOX compliance. The role is focused more on governance and compliance, not ...
-
Senior Security Engineer
3 weeks ago
Oracle Montpelier, United StatesJob Description · There is a requirement that this person be a US Citizen due to job responsibilities in support of US Federal and DOD agencies. · Responsibilities · Conduct rigorous security testing focusing on applications using standard static and dynamic security testing tool ...
-
Highmark Health Montpelier, United StatesHighmark Health · Senior Identity Access Management Security Engineer · Montpelier , · Vermont · Apply Now · The Identity & Access Management Senior Security Engineer is responsible for acting as resource, leader, and peer coach with other engineers in the development, testi ...
-
Sr. Product Security Engineer
1 week ago
Kansas Action for Children Montpelier, United Statesat CrowdStrike, Inc. in Topeka, Kansas, United States · Job Description CrowdStrike, Inc. · at CrowdStrike, Inc. in Topeka, Kansas, United States · Job Description CrowdStrike, Inc. · Full time · R17678 · #WeAreCrowdStrike and our mission is to stop breaches. As a global lead ...
-
Engineer, Information Security and Risk
2 weeks ago
Cardinal Health Montpelier, United StatesHeadquartered in Dublin, Ohio, Cardinal Health, Inc. (NYSE: CAH) is a global, integrated healthcare services and products company connecting patients, providers, payers, pharmacists and manufacturers for integrated care coordination and better patient management. Backed by nearly ...
-
Cardinal Health East Montpelier, United StatesWhat Information Security and Risk contributes to Cardinal Health · This role of Identity Engineer on Associates Solution IAM team within Cardinal Health's Global Identity and Access Management organization. This role will be responsible for leading complex initiatives integratin ...
-
Security Engineer, Investigations
3 weeks ago
Meta Inc East Montpelier, United StatesSummary: · The Integrity, Investigations, and Intelligence (i3) teams at Meta are dedicated to protecting the users of our family of applications (e.g. Facebook, Instagram, WhatsApp, Oculus) from a multitude of threats including: criminal organizations, human trafficking and expl ...
-
Staff Security Engineer
2 weeks ago
Fastly East Montpelier, United StatesFastly helps people stay better connected with the things they love. Fastly's edge cloud platform enables customers to create great digital experiences quickly, securely, and reliably by processing, serving, and securing our customers' applications as close to their end-users as ...
-
Senior Security Engineer
2 weeks ago
Fastly East Montpelier, United StatesFastly helps people stay better connected with the things they love. Fastly's edge cloud platform enables customers to create great digital experiences quickly, securely, and reliably by processing, serving, and securing our customers' applications as close to their end-users as ...
-
Security Engineer, Investigations
1 week ago
Meta Inc East Montpelier, United StatesSummary: · The Integrity, Investigations, and Intelligence (i3) teams at Meta are dedicated to protecting the users of our family of applications (e.g. Facebook, Instagram, WhatsApp, Oculus) from a multitude of threats including: criminal organizations, human trafficking and exp ...
-
Public Affairs Manager, Security Engineering
1 week ago
META Montpelier, United StatesMeta · Public Affairs Manager, Security Engineering · Montpelier , · Vermont · Apply Now · Meta is looking for a Public Affairs Manager to join its Security Communications Team. In this role, you will support our cross-company information security efforts in developing and e ...
-
Cardinal Health Montpelier, United States**What Information Security and Risk contributes to Cardinal Health** · This role of Identity Engineer on Associates Solution IAM team within Cardinal Healths Global Identity and Access Management organization. This role will be responsible for leading complex initiatives integr ...
-
Sr Engineer Information Security
3 weeks ago
Cardinal Health East Montpelier, United StatesAt Cardinal Health, our Information Security team is focused on protecting Cardinal Health, our customers, and their patients. This is critical as Cardinal Health aspires to become healthcare's most trusted partner - digital trust and resiliency are essential components of this j ...
Offensive Security Engineer, 3 - Montpelier, United States - Oracle
Description
Job Description
The Oracle Cloud Infrastructure (OCI) Offensive Security team provides OCI with the capabilities to ensure our systems and services meet the security objectives we communicate to customers.
The Offensive Security group performs security assessments, vulnerability research, static and dynamic analysis research, penetration testing, red-teaming, and security tool development.
We ensure the security of the software and hardware that runs our cloud infrastructure and strive for continuous improvement. The OCI Offensive Security group works as a team. We don't fit people into predefined roles.We bring together the right people who enhance team capability and build roles around each team member's skills and interests.
Values are OCI's foundation and how we deliver excellence. We strive for equity, inclusion, and respect for all. We are committed to the greater good in our products and our actions. We are continually learning and taking opportunities to grow our careers and ourselves. We challenge each other to stretch beyond our past to build our future. You can learn more about us by visiting .
Are you interested in building large-scale distributed security systems and tools for the cloud? Do you love the idea of working in an environment with the excitement of a start-up, but the financial backing of a Fortune 100 company? This role offers huge upside potential, high visibility, and fast career growth without the risks of a typical start-up.
This is a unique opportunity to work with smart people to solve complex problems in distributed systems, security, and multi-tenant Infrastructure-as-a-Service (IaaS) operating at massive scale.
The biggest challenges for the team is the dynamic and fast growth of the business, driving us to improve our systems, tools, and automation to scale to our security expertise several orders of magnitude greater than what we can support today.
We understand that software is living and needs investment. The challenge is making the right tradeoffs, communicating those decisions effectively, and crisp execution. We hope you like working at scale as much as we do because Oracle has no shortage of it Craft the future of one of the largest clouds on earth with usOur ideal candidate is a hardworking and hands-on engineer who cares about security and improves their knowledge every day.
We're looking for hands-on cloud hackers with expertise and passion in identifying and exploiting complex security problems in distributed, multi-tenant services and infrastructure.
We operate distributed systems at a high scale, worldwide. These are the foundations of our cloud environment.Our customers run their businesses on our cloud, and our mission is to provide them with a best-in-class and ever-expanding set of cloud-based services.
A security-focused engineer at any level can have significant technical and business impact. Come shape the future of one of the largest clouds on earth with us.To get you excited, here is a list of some of the projects over the last year this team has worked on:
Big iron - ExaLogic, ExaData, UltraSPARC, InfiniBand
Firmware reverse engineering of various hardware components
Developing custom fuzzing platforms for code-coverage analysis
Several different hypervisors
Linux and Windows kernel mode non-sense
The list goes on and on
This role is for a hands-on cloud hacker on the Offensive Security Team.
Responsibilities
Responsibilities
You enjoy diving into complex source code audits to reveal subtle security vulnerabilities
Writing new tools such as fuzzers in languages such as C/C++, Python, Ruby, Go or Java,
Tearing apart an undocumented file format or network protocol
Coming up with novel techniques to solve unique and interesting security problems
Review new services, including their integration points with existing services
Guide security projects beyond the scope of performing assessment work
Identify and disclose vulnerabilities to 3rd party vendors
Design complex systems and services that improve quantity or quality of offensive security output
You'll reviews new features of moderate complexity in existing systems, identifying areas of new risk created; work with service teams to explore and recommend mitigations; and collaborate across service teams and security stakeholders
Qualifications
Bachelor's degree in computer science, related field or equivalent work experience
Intermediate to advanced experience with virtualization and containerization technologies
Evidence of participation in the security community via contribution to open source projects, tool development, blog writing, or responsibly disclosed vulnerabilities
Ability to effectively assess and communicate risks and appropriate levels of urgency to management and engineering staff
Ability to succeed via collaboration and working between internal and external organizations and individuals
Excellent organizational, verbal and written communication skills
Intermediate knowledge of Linux OS Internals
Functional knowledge of one programming language and ability to read one high-level programming language such as Java
Previous role as Security Operations Center (SOC) Analyst, Vulnerability Management, DevOps, CICD
Preferred Qualifications
Undergraduate or Graduate degree in Electrical Engineering, Computer Science, or another related field or equivalent work experience.
Hands-on experience developing services on a public cloud platform (e.g., AWS, Azure, Oracle)
Building continuous integration/deployment pipelines with robust testing and deployment schedules
Experience working with internal customers and translating requests into prioritized work or features
Expertise in applying risk identification techniques to develop security solutions
Experience and understanding of Cryptographic algorithms, standards, implementation and application
Experience and understanding of threat modeling, penetration testing, reverse engineering and attacks on software
Experience working with large enterprise customers
Active TS/SCI Clearance
Disclaimer:
Certain US customer or client-facing roles may be required to comply with applicable requirements, such as immunization and occupational health mandates.
US:
Hiring Range:
from $87,000 to $178,200 per annum. May be eligible for bonus and equity.
Oracle maintains broad salary ranges for its roles in order to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect Oracle's differing products, industries and lines of business.
Oracle US offers a comprehensive benefits package which includes the following:
Medical, dental, and vision insurance, including expert medical opinion
Short term disability and long term disability
Life insurance and AD&D
Supplemental life insurance (Employee/Spouse/Child)
Health care and dependent care Flexible Spending Accounts
Pre-tax commuter and parking benefits
401(k) Savings and Investment Plan with company match
Paid time off:
Flexible Vacation is provided to all eligible employees assigned to a salaried (non-overtime eligible) position. Accrued Vacation is provided to all other employees eligible for vacation benefits.
For employees working at least 35 hours per week, the vacation accrual rate is 13 days annually for the first three years of employment and 18 days annually for subsequent years of employment.
Vacation accrual is prorated for employees working between 20 and 34 hours per week. Employees working fewer than 20 hours per week are not eligible for vacation.11 paid holidays
Paid sick leave: 72 hours of paid sick leave upon date of hire. Refreshes each calendar year. Unused balance will carry over each year up to a maximum cap of 112 hours.
Paid parental leave
Adoption assistance
Employee Stock Purchase Plan
Financial planning and group legal
Voluntary benefits including auto, homeowner and pet insurance
About Us
As a world leader in cloud solutions, Oracle uses tomorrow's technology to tackle today's problems. True innovation starts with diverse perspectives and various abilities and backgrounds.
When everyone's voice is heard, we're inspired to go beyond what's been done before. It's why we're committed to expanding our inclusive workforce that promotes diverse insights and perspectives.
We've partnered with industry-leaders in almost every sector—and continue to thrive after 40+ years of change by operating with integrity.
We're committed to including people with disabilities at all stages of the employment process.
If you require accessibility assistance or accommodation for a disability at any point, let us know by calling , option one.
Disclaimer:
Oracle is an Equal Employment Opportunity Employer*.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans' status, or any other characteristic protected by law.
Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law.