Consulting Security Engineer

As a key member of Oracle Cloud Infrastructure’s (OCI) Security Organization, you will play a critical role in safeguarding the cloud and broader enterprise from adversaries and insider threats. As our team continues to grow and expand into ambitious new initiatives, we seek a Consulting Security Engineer to lead and contribute to critical security engineering imperatives.

In this highly visible role within the OCI and Infrastructure Security, you will research, innovate on, and design engineering/ process solutions. You will tackle broad security initiatives across cloud, product, and infrastructure security topics such as AI, Hardware, Network, Cryptography. You will partner closely with Cloud Security leadership and collaborate across OCI and broader Oracle business operations and leadership teams to drive security excellence.

Success in this role requires a results-driven, self-starter with a strong sense of ownership, accountability, and the ability to influence and engage with senior security and technology leaders and their engineering teams. The ideal candidate brings deep expertise in security engineering, networking, and cloud computing. Strong executive communication, stakeholder engagement, attention to detail, and problem-solving capabilities are essential to thrive in this role. This is a high-impact, strategic position that offers the opportunity to shape the future of OCI and make a lasting impact across the cloud security ecosystem.

Key Responsibilities:

• Security Deep Dive : Investigate the security posture, controls, and risks associated with complex architectures and lifecycle management.
• Security Innovation : Drive security innovation across legacy and nascent product and cloud services.
• Data-Driven Decision Making : Analyze and interpret complex datasets using scripts, Python, or other analytics tools to identify trends, generate insights, and provide actionable recommendations to leadership.
• Global Stakeholder Collaboration : Establish strong relationships with cross-functional partners and senior leadership to align cybersecurity initiatives with business objectives.
• Cross-Functional Communication : Facilitate clear, concise communication across teams, ensuring alignment on key priorities and enabling effective decision-making at all levels.
• Executive Reporting & Presentations : Develop high-impact reports, dashboards, and presentations tailored for senior leadership, ensuring clarity, professionalism, and strategic insight.
• Strategic Planning & Execution : Define project requirements, establish roadmaps, and manage execution for complex cybersecurity programs, balancing long-term strategy with immediate business needs.
• Issue & Risk Management : Identify, assess, and mitigate program risks and blockers, ensuring continued progress toward cybersecurity and operational goals.
• Security Program Oversight : Oversee multiple security initiatives, ensuring alignment with organizational security objectives and compliance requirements.
• Problem Solving & Critical Thinking : Leverage data-driven methodologies to solve complex business and technical challenges, optimizing cybersecurity operations for effectiveness and efficiency.
• AI Enablement : Help innovate and drive AI capabilities to streamline security operations and create security insights.
• Security Tooling: Collaborate with cross-functional teams to enhance security tooling, CI/CD pipelines and tools, ensuring alignment with OCI’s cloud strategy and compliance requirements.
• Industry Policies: Partner with stakeholders to define and implement policies that align with industry best practices and compliance standards.
• Security by Default: Implement closed-loop mechanisms to continuously improve security by default. Responsible for the planning, design and build of security architectures; oversees the implementation of network and computer security and ensures compliance with corporate security policies and procedures.
• Emerging Security Trends: Stay informed about emerging technologies and industry trends, integrating new software solutions to strengthen risk reduction strategies.
• Security Mentoring: Guide and mentor junior security team members.
  

Additionally:

Responsible for expert planning, design and build of security systems, applications, environments and architectures; oversees the implementation of security systems, applications, environments and architectures and ensures compliance with information security standards and corporate security policies and procedures.
Evaluates existing and proposed technical architectures for security risk, provides expert technical advice to support the design and development of secure architectures and recommends security controls to mitigate those risks. Evaluations of internal security architecture may include design assessment, risk assessment, and threat modeling.
Provides expert technical advice and direction to support the design and development of secure architectures.
Maintain expert proficiency in emerging trends in information security.
Determine the best practices for the large-scale Big Data infrastructure used by some Oracle LOBs, including tooling, data architecture, and content.
May lead incident management teams and provide expert level incident management expertise. Coordinates incidents with other business units and may act as incident commander of multiple serious incidents. Leads development of new methods, playbooks and provide thought-leadership related to incident management throughout Oracle.
May provide leadership in an incident management team, bringing expert-level skills to respond to security events in line with Oracle incident response playbooks. Investigates purported intrusions and breaches, and oversees root cause analysis. Coordinates incidents with other business units and may act as Incident Commander on multiple serious incidents. Leads development of new methods, and playbooks, as well as highly sophisticated scripts, applications, and tools. Trains and mentors other staff, and may supervise incident management teams.
Brings expert-level skills to research, evaluate, track, and manage information security threats and vulnerabilities in situations where in-depth analysis of ambiguous information is required, but no computer programming/scripting knowledge is required. Leads development of highly sophisticated scripts, applications, and tools, and trains others in their use.
Focus on operational and strategic level tasks, and provide counsel and guidance to the junior level security operations engineers in the department.