Oracle NetSuite Principal Security Engineer, Threat and Vulnerability Management

NOTE: This position will be located at our Austin, TX Headquarters. This is a flex position requiring 3 days a week in office. There is NO sponsorship for this role.

Overview

As part of OracleNetSuite’s Threat and Vulnerability Management Team, the Principal Security Engineer plays a crucial role in the identification, analysis, reporting, and remediation of security vulnerabilities across several NSGBU product lines.

Responsibilities

• Continuously monitor emerging threats and vulnerability disclosures to proactively identify and assess potential impacts on the organization
• Thoroughly analyze and prioritize vulnerabilities based on risk and potential impact to the organization, providing actionable recommendations to stakeholders
• Document findings and risks in executive summaries to facilitate clear communication with stakeholders
• Collaborate with engineering and operations teams to develop and implement effective remediation strategies, ensuring vulnerabilities are addressed in a timely manner
• Lead the integration of automated vulnerability scanning and management tools to streamline processes and improve the team’s overall efficiency
• Provide guidance and mentorship to junior security engineers and analysts, fostering a culture of continuous learning within the team
• Create and present reports on vulnerability status, trends, and metrics to senior management and other stakeholders, highlighting areas for improvement and progress
• Develop templates, procedures, and guidelines for vulnerability management

Qualifications

• Bachelor’s degree in Computer Science, Information Security, or a related field
• 8+ years of experience in information security or security assurance/compliance, with a strong focus on vulnerability management
• Expertise in vulnerability assessment tools (Qualys, Nessus, Rapid7) and issue tracking tools (Jira, Confluence)
• Strong knowledge of technology and security topics, including network security, infrastructure hardening, security baselines, web server security, application security, and database security
• Strong understanding of security frameworks (NIST, OWASP)
• Knowledge of industry and regulatory requirements (PCI, ISO)
• Familiarity with scripting languages (Python, Bash) for automation of vulnerability management processes
• Strong analytical and problem-solving skills, with a proactive approach to identifying and addressing security issues
• Excellent communication and interpersonal skills, with the ability to convey complex technical information to diverse audiences
• Highly self-motivated and directed
• Ability to travel 10% of the time

Career Level - IC4

As a world leader in cloud solutions, Oracle uses tomorrow’s technology to tackle today’s problems. True innovation starts with diverse perspectives and various abilities and backgrounds.

When everyone’s voice is heard, we’re inspired to go beyond what’s been done before. It’s why we’re committed to expanding our inclusive workforce that promotes diverse insights and perspectives.

We’ve partnered with industry-leaders in almost every sector—and continue to thrive after 40+ years of change by operating with integrity.

Oracle careers open the door to global opportunities where work-life balance flourishes. We offer a highly competitive suite of employee benefits designed on the principles of parity and consistency. We put our people first with flexible medical, life insurance and retirement options. We also encourage employees to give back to their communities through our volunteer programs.

We’re committed to including people with disabilities at all stages of the employment process. If you require accessibility assistance or accommodation for a disability at any point, let us know by calling +1 888 404 2494, option one.

Disclaimer:

Oracle is an Equal Employment Opportunity Employer*. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans’ status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law.

* Which includes being a United States Affirmative Action Employer