Security Architecture Specialist 4

As a Senior Security Consultant, you will product architectures and designs to identify security flaws and opportunities for hardening. You will be part of a team of dedicated security professionals who work autonomously, but support each other and all of NetSuite teams and products. The Security Consulting team owns and drives its own Security Design Review, Security Champions and Oracle Corporate Security compliance programs. We are integrated with the product and engineering teams; integrated into the Software Development Lifecycle, providing security guidance and acting as a single point of contact for all things security.

Career Level - IC4

Qualifications:

Range and benefit information provided in this posting are specific to the stated locations only

CA: Hiring Range in CAD from: $76,700 to $167,600 per annum.


Oracle maintains broad salary ranges for its roles in order to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect Oracle’s differing products, industries and lines of business.
Candidates are typically placed into the range based on the preceding factors as well as internal peer equity.

Responsibilities:

Provides advanced level skills and knowledge in the design and review of products, applications, and integrations ensuring  requirements are in line with Corporate information security policies and processes, as well as Line of Business (including Cloud) security standards. 
Evaluates existing and proposed technical architectures for security risk, provides advanced technical advice to support the design and development of secure architectures and identifies security controls to mitigate those risks.
Provides technical leadership regarding security protocols related to all aspects of enterprise and cloud computing.
Evaluations of security architectures and designs through design reviews and threat modeling.
Identifies and prioritizes security design issues.

Collaborates with software engineers, architects and business leaders to make our products better, helping them balance product and security risk decisions.

Understands both the technical and business security risk of the organization.

Work with architecture teams to proactively design and develop safe architectural patterns into a standard catalog of solutions. 

Promote application security reference architecture standards. 

Foster a security culture by educating product and business leaders on the importance of security. 
Stays informed on current security trends and share that knowledge with the rest of the security and engineering teams.
May train and mentor other staff.

Minimum Qualifications:

B.S. in Computer Science, Computer Engineering, or related field, or sufficient related experience. 

10 years in the field of software development and/or application security. 

Existing knowledge of product security and/or willingness to learn. 

Programming experience with one or more programming language. 

Familiarity with application security concepts (e.g. OWASP Top 10).

Experience in an IC leadership role in engineering, architecture, or security. 

Understand risk and how to make sound decisions. 

Effective at facilitating group discussions. 

Able to adapt communication style to suit technical and non-technical audiences.

Bonus:

Experience working in an Agile development environment.

Familiarity with application security projects (e.g. OWASP Top 10) and industry standards such as ISO27K, BSIMM, etc.

Recognized industry certification and/or continuing education programs are a major plus.

Salary : $76,700 - $167,600