Oracle Threat Intelligence Investigator (JoinOCI-SDE) in Sandy, Utah
Design, develop, troubleshoot and debug software programs for databases, applications, tools, networks etc.
As a member of the software engineering division, you will assist in defining and developing software for tasks associated with the developing, debugging or designing of software applications or operating systems. Provide technical leadership to other software developers. Specify, design and implement modest changes to existing software architecture to meet changing needs.
Duties and tasks are varied and complex, needing independent judgment. Fully competent in own area of expertise. May have project lead role and/or supervise lower-level personnel. BS or MS degree or equivalent experience relevant to functional area. 4 years of software engineering or related experience.
Oracle is an Affirmative Action-Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability, protected veterans status, age, or any other characteristic protected by law.
At Oracle Cloud Infrastructure (OCI), we build the future of the cloud for Enterprises as a diverse team of fellow creators and inventors. We act with the speed and attitude of a start-up, with the scale and customer-focus of the leading enterprise software company in the world.
Values are OCI’s foundation and how we deliver excellence. We strive for equity, inclusion, and respect for all. We are committed to the greater good in our products and our actions. We are constantly learning and taking opportunities to grow our careers and ourselves. We challenge each other to stretch beyond our past to build our future.
You are the builder here. You will be part of a team of really smart, motivated, and diverse people and given the autonomy and support to do your best work. It is a dynamic and flexible workplace where you’ll belong and be encouraged.
The OCI Threat Intelligence Center is responsible for the tracking and monitoring of a range of threat actors, from cybercrime to Advanced Persistent Threat (APT) groups, impacting OCI and its customers. The scope and responsibility of this team include attack analysis, tracking threat actors' indicators of compromise (IOCs) and their tactics, techniques, and procedures (TTPs), aiding in security incident response, executive communication, and customer outreach.
As a Threat Intelligence Investigator, you will primarily focus on the day-to-day actions of threat actors. You will be responsible for tracking numerous groups independently and leading operational activities when situations present themselves. You will also have a passion for cyber security, researching and remaining current on attack trends; the ability to adapt to an organic and fast-paced environment is a must.
Lead collection and analysis efforts of suspected advanced persistent threat campaigns across the OCI ecosystem, develop remediation plans, and drive incidents to resolution and attribution.
Manage various communication streams, including cross-company and executive communications.
Facilitate post incident reviews, document intelligence and data points gained appropriately and actively work with impacted teams addressing resolution actions.
Keep up to date on geopolitical issues across the world and be able to translate them into potential and future cyber incidents involving Oracle and its ecosystem.
Collaborate with partner Cloud security teams during all phases of the incident response lifecycle.
Develop and maintain threat intelligence procedures and runbooks.
Ingratiate into the larger Threat Intelligence community to create and maintain trust networks.
4-6 years of industry experience performing analytical and operational work and case management against advanced threats. Have worked at least 3-4 different APT groups across at least two different regions in the world.
Experience in one or more of the following fields of work: National security, military, federal intelligence, law enforcement, criminology, and/or foreign areas and language
A broad background in information security with experience in security operations, vulnerabilities and exploitation, network security, and cloud security.
Experience with a variety of operating systems and the threats that target them, including Windows, UNIX/LINUX, and MacOS
Experience performing open source research on a variety of topics
Excellent verbal/non-verbal communication skills with proficient ability to deliver technical information to non-technical staff
Previous Incident Response, Security Operations Center, and/or Forensic Analyst experience preferred
Previous experience with malware analysis and/or reverse engineering capabilities highly desired
Knowledge of common attack types/vectors and associated mitigations.
Knowledge of how to use structured queries to pull data from logs, and the ability to formulate signatures successfully with tools such as YARA, Snort, Suricata, and Bro/Zeek
BS or MS degree in Computer Science, Computer Engineering, Information Systems, Cyber Security, or equivalent experience
Prior experience working on a global security team is a plus
Job: Product Development
Title: Threat Intelligence Investigator (JoinOCI-SDE)
Location: United States
Requisition ID: 200011OS