Oracle Software Developer 5 -Senior Principal Security Analyst in Redwood City, California

Design, develop, troubleshoot and debug software programs for databases, applications, tools, networks etc.

As a member of the software engineering division, you will take an active role in the definition and evolution of standard practices and procedures. Define specifications for significant new projects and specify, design and develop software according to those specifications. You will perform professional software development tasks associated with the developing, designing and debugging of software applications or operating systems.

Provide leadership and expertise in the development of new products/services/processes, frequently operating at the leading edge of technology. Recommends and justifies major changes to existing products/services/processes. BS or MS degree or equivalent experience relevant to functional area. 8 or more years of software engineering or related experience.

Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans status or any other characteristic protected by law.

Team:

The Security Evaluations team is responsible for the independent (formal)global security evaluations of Oracle products (mostly FIPS 140-2 and CommonCriteria), including their use in Oracle cloud services, an important aspect ofOracle's commitment to security. The team is part of Oracle's Global ProductSecurity group, under the management of the Chief Security Officer. This groupis responsible for managing cross-product security activities and the securityassurance for Oracle products and cloud services.

The Security Evaluations team(SecEval) are experts in government security evaluations and assurancestandards. We are looking for someone to join the team that brings at least thesame level of expertise as the rest of the team.

Role:

As a Senior Principal Security Analyst in the Security Evaluations team, youwill be mainly responsible for managing security evaluations and validationsfor Oracle. Duties in support of theseresponsibilities and other duties include:

  • Track progress of approved security evaluation and validation projects against budget and schedule, performing continuous analysis of risks they face

  • Finance and resource budget preparation, maintenance, and reporting

  • Collaborate with Legal and Procurement departments on activity with all third parties including contracts and Statements of Work

  • Lead or participate in international evaluation communities, participating in appropriate external working groups as assigned. The ability and willingness to lead a community of external participants is critical in this role.

  • Some testing or evidence development (authoring of FIPS specialized documentation) and/or editing/reviewing of this evidence may be required from time to time

Qualifications:

Five years experience in:

o -{PS..0}->performing validations of FIPS140 in a FIPScertified lab

OR

o the equivalent amount of time managing validations as a vendor

  • Expertise in FIPS validation methodologies and processes are critical skills for the candidate.

  • Comfortable preparing some technical evidence as needed and or repeating of developer tests to support evaluations and validations

  • The ideal candidate will have the ability to translate security certification jargon to development and interpret consultants/labs advice

  • Solid knowledge of cryptography preferred

  • Knowledge of operating systems, particularly Solaris and Linux, preferred

  • Experience working on ISO 15408 "Common Criteria" evaluations as a lab or a vendor a plus

  • A working knowledge of any of the following technologies are advantages to the candidate: relational databases (particularly Oracle DBMS), Apache based application servers, identity and access management products, and cloud service technologies. OpenSSL and other cryptographic modules are also helpful.

  • Knowledge of Oracle product development internals and lifecycle practices a plus

  • The successful candidate should possess excellent time management and organizational skills as well as demonstrable verbal and written communication expertise.

  • Strong knowledge of Procurement Management processes are key skills for the candidate.

  • CSSLP, CISM or CISSP preferred.

  • PMP or PRINCE2 helpful.

  • Education Requirements:

o US/Canada: BS (essential) or MS (preferred) degree or equivalent experience relevant to functional area

o UK: BSc (essential) and MSc (preferred) or equivalent experience relevant to functional area

Must be willing to travel up to 25% in US,Canada and worldwide

As part of Oracle s employment process candidates will berequired to complete a pre-employment screening process, prior to an offerbeing made. This will involve identity and employment verification, salaryverification, professional references, education verification and professionalqualifications and memberships (if applicable).

Oracle supports workforce diversity and is an equalemployment opportunity employer.

Job: *Product Development

Organization: *Oracle

Title: Software Developer 5 -Senior Principal Security Analyst

Location: United States

Requisition ID: 190007QN