IT Security Analyst
The Oracle Cloud Security organization is tasked with providing expert security knowledge and operational assessment of the various cloud systems. This includes security policy/standards definition and enforcement, operation/monitoring of security infrastructure in the cloud, regulatory compliance, and security testing for various systems that comprise the cloud environment.
This is a technical security operations role within the Oracle Cloud Security organization. Primary focus will be on intrusion detection and prevention security controls, specifically the deployment, management, and tuning of network- and host-based security solutions within the cloud infrastructure. Additional duties will include upholding vulnerability management and risk mitigation strategies within the cloud infrastructure. This includes the successful deployment and utilization of vulnerability scanning technologies, researching security-related vulnerabilities, and evaluating the environment for real risk. The role will also assist in security incident response efforts and investigations. Work is non-routine and very complex, involving the application of advanced technical and business skills in multiple areas of specialization.
Develop and implement security controls to detect and prevent infiltration of company systems and exfiltration of company data by adversaries.
Engage in and lead the deployment of security solutions.
Correlate data from disparate log sources to determine a baseline and generate alerts based on behavior-based indicators.
Tune security solutions to eliminate false positives and negatives.
Determine impact and scope of vulnerabilities and ensure patching via a vulnerability management process.
Provide management with reports on vulnerability management efforts.
Assist in investigating security events and determine whether they qualify as security incidents.
Review security controls and rule sets on routers, switches, firewalls and other network devices.
Create and maintain access control lists.
Write reports for management regarding the negative impact to the business caused by theft, destruction, alteration or denial of access to company data and systems.
Take responsibility for the successful execution of the incident response plan.
Proactively identify issues with security solutions and troubleshoot them to resolution.
Bachelor's degree or equivalent combination of education and 4 years of experience in information security, computer science, or related field
Three or more years of experience in deploying enterprise security solutions including SIEM, security incident response tools, vulnerability scanners, and endpoint security products.
Experience in writing custom rules and correlations for IDS/IPS and a SIEM.
Ability to analyze network flow and full packet captures.
Skills in triaging a security incident from initial detection to resolution.
Strong log analysis, deduction, analytical, problem solving, and communication skills.
Self-starter and self-sufficient, doesn’t need to be micro-managed.
Excellent team player, willing to share knowledge and skills with peers.
Knowledge of Information Security standards and access controls such as ISO27001/2, PCI DSS, and other international standards.
Possess the ability to adjust and adapt to changing priorities in a dynamic environment.
Experience with Linux or similar Unix platforms (Oracle Linux, CentOS, RHEL, Solaris, BSD), macOS, and Windows.
UK National residing in United Kingdom