Principal Data Loss Prevention Security Engineer

As a vital member of Oracle Cloud Infrastructure’s (OCI) Security Operations Organization, you will be at the forefront of protecting Oracle’s cloud and enterprise environments from both external adversaries and insider threats. As our team continues to expand and tackle ambitious initiatives, we are seeking experienced security professionals with a proven track record in safeguarding critical infrastructure and data.

Our rapidly growing team specializes in threat hunting, analyzing indicators of compromise (IOCs), investigating security incidents, managing incident responses, and conducting digital forensics across IaaS, PaaS, and SaaS platforms. In this role, you will be part of a dedicated security operations team, leveraging data loss prevention, case management tools and developing automation to detect and respond to security threats in real time. Additionally, you will play a critical role in designing and implementing data loss prevention strategies to proactively mitigate potential data security risks. As the last line of defense when security controls are breached, your expertise will be instrumental in securing Oracle’s data and infrastructure.

The ideal candidate is a proactive self-starter with a strong sense of ownership and accountability, capable of delivering effective results under pressure. Bringing deep expertise in security engineering, you will help drive the strategic development of our enterprise security threat program.

The Role
We are seeking a seasoned security engineering professional that will build and operate advanced security tools, processes, and automation to identify and mitigate risks related to proprietary data across OCI and Oracle’s broader enterprise. You will lead sensitive investigations, conduct thorough root cause analyses, and work collaboratively with partner teams—including SOC, digital forensics, incident response, physical security, and engineering—to respond effectively to diverse and sophisticated threats.

Key Responsibilities

• Monitor and Analyze User Activity: Continuously monitor, analyze, and investigate user behaviors and activities across networks, applications, and endpoints to detect suspicious patterns or potential insider threats.
• Build and Maintain Detection and Response Systems: Develop, implement, and manage tools, analytics, and automated detection systems specifically designed to identify potentially malicious activity.
• Data Loss Prevention (DLP): Participate with DLP team to enhance data loss prevention strategies, including deploying and tuning DLP technologies to prevent the unauthorized access or transmission of sensitive proprietary data.
• Incident Investigations: Conduct thorough investigations of security incidents related to potential or confirmed threats, collaborating closely with legal, HR, and compliance teams as needed.
• Case Management: Document and manage cases from detection through to resolution, ensuring proper documentation and reporting processes are followed.
• Security Awareness and Training: Support the development and delivery of targeted security awareness training at all levels of the company. Training to be focused on reducing data security risk and how to recognize and report suspicious behaviors.
• Collaboration and Coordination: Work with cross-functional teams such as HR, legal, compliance, physical security and other engineering organizations to coordinate incident response and security policy and standards enforcement.
• Threat Hunting: Proactively hunt for evidence of threats by analyzing system logs, access records, and behavioral analytics.
• Tool and Process Enhancement: Evaluate and recommend improvements to detection tools, response processes, and operational playbooks.
• Reporting and Analytics: Prepare reports and metrics (OKR's) on insider threat trends, investigation outcomes, and security posture for management and leadership