Oracle Security Architect | Opower in Longmont, Colorado
Analyze, design develop, troubleshoot and debug software programs for commercial or end user applications. Writes code, completes programming and performs testing and debugging of applications.
As a member of the software engineering division, you will analyze and integrate external customer specifications. Specify, design and implement modest changes to existing software architecture. Build new products and development tools. Build and execute unit tests and unit test plans. Review integration and regression test plans created by QA. Communicate with QA and porting engineering to discuss major changes to functionality.
Work is non-routine and very complex, involving the application of advanced technical/business skills in area of specialization. Leading contributor individually and as a team member, providing direction and mentoring to others. BS or MS degree or equivalent experience relevant to functional area. 7 years of software engineering or related experience.
Oracle will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of San Francisco's Fair Chance Ordinance.
Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans status or any other characteristic protected by law.
/Prefer a candidate who can commute into our Arlington, VA or San Francisco, CA offices/
Are you a top-notch Security Engineering guru who wants a career that marries your passion for solving challenging security problems with a worthwhile purpose, like saving our planet? Imagine yourself coming to work every day to tackle humanity s greatest energy challenges. In Oracle s Utilities Global Business Unit (UGBU) our mission is to lay the foundation for utilities innovation by building cutting edge cloud and big data products. Our energy efficiency products are disrupting the way power is supplied, consumed, billed and operates. Oracle is uniquely positioned in this space, combining a worldwide team of utilities experts with industry-leading technology to develop complete end-to-end SaaS solutions. As a result, we are providing utilities with the flexibility, operational efficiencies and technology to innovate and achieve performance excellence.
Work closely with cross functional product teams to continually improve software security, provide solutions to improve overall system quality. Partner with product engineers to integrate security requirements into our technical architecture. Represent our technical capabilities to internal and external auditors and translate their findings into tangible actions for developers and operators. Guide our teams in integrating Oracle Software Security Assurance program objectives into our strategies, technologies and processes. Enable a DevOps organizational structure performing continuous delivery while maintaining a high-level of product and operational security
Provide expert knowledge of latest security threats and remediation techniques.
Establish best practices to meet security, compliance, and audit requirements.
Develop procedures to automate security tasks during the build and deployments.
Evaluate open security issues and guide development teams in addressing them.
Deploy security solutions in development and cloud environments.
Mentor and train the development team on security best practices and processes.
Requirements & Qualifications
7 years of software engineering and 4 years of application security or related experience.
BS or MS degree or equivalent experience relevant to functional area.
Expertise with browser security controls, application security standards such as OWASP ASVS/Top 10, CWE 25 and vulnerability handling and scoring with CVSS.
Fluency with security testing including SAST, DAST, penetration and Fuzz testing.
Strong knowledge of infrastructure security technology and hardening processes.
Fluency in approaches to secret management and service authentication (SAML, OAUTH).
Good understanding of DevSecOps in maintaining security in CI/CD processes.
Significant security development and/or security assurance experience.
Experience in effective implementation of secure development processes.
Familiarity with Security tools like Fortify, BurpSuite, QualyGuard, ZAP.
Experience with CI/CD pipelines and supporting technologies (e.g. git, Jenkins, Nexus, Maven).
Experience with Docker, Microservices and container deployment and service orchestration.
Knowledge of Linux operating environments.
Experience in developing, documenting, and maintaining security procedures.
Ability to clearly and effectively communicate concerns, issues to other teams.
Job: *Product Development
Title: Security Architect | Opower
Requisition ID: 18000TUW
Other Locations: US-CA,California-San Francisco, US-VA,Virginia-Reston, United States