Senior Offensive Security Engineer
Oracle
MAKATI CITY, METRO MANILA, Philippines
2d ago

Performs penetration testing and attack simulations on business critical infrastructure including internal servers, networks and applications to identify and resolve security flaws.

Performs penetration testing and attack simulations on business critical infrastructure including internal servers, networks and applications to identify and resolve security flaws.

Experiments with various methods attackers could use to exploit information security vulnerabilities.

Uses standard methodologies and techniques for conducting penetration testing, including developing standard tool-sets and automating testing.

Completes security testing activities.

Completes threat assessment reports that outline penetration test findings and presents findings to management.

Verifies potential targets for exploit.

Minimum 5 years combined experience from at least three of the following : security testing, systems development, systems administration, network administration, scripting, and security testing automation required.

Preferred but not required qualifications include :

BS or MS in Computer Science, Computer Security or Computer Engineering.

Holds relevant industry certifications such as OSCP / CREST CRT, CREST CCT Inf / App, OSCE, CISSP, GSEC, GPEN, GCFW, GWAPT, GAWN or equivalent.

Has Common Vulnerabilities and Exposures (CVEs).

Has contributed to an open source project.

Why Oracle NetSuite?

One word transformation.

At Oracle NetSuite, we believe the cloud is here to stay and so do our 20,000+ customers. We believe businesses should not be bogged down by the overhead of bulky data centers and expensive personnel to run it all.

Businesses need to be lean, efficient and agile. NetSuite is literally transforming business around the globe by providing a cloud-based, unified system that delivers unprecedented capabilities to drive business forward.

Founded in 1998 as THE cloud ERP pioneer, Oracle NetSuite’s global business unit has transformed the business operations of our customers without the high costs and inefficiency of on-premise systems.

Transform your career at Oracle NetSuite

At Oracle NetSuite, we work hard and we work smart. We hire fierce competitors. We hire individuals that are fearless trail blazers.

Oracle NetSuite employees take the hill, we prefer action over inaction, we are tireless in our mission and we pause only to celebrate our success.

And we DO celebrate, because if you don’t have fun along the way, then what’s the point?

Responsibilities

  • Work closely with Security Architecture in the understanding the risk assessments of cloud native security services and infrastructure
  • Help team members translate high-level service design into practical threat and attack scenarios
  • Complete and / or oversee penetration-testing engagements documenting results and verifying remediation.
  • Share in penetration testing responsibilities, assist, and mentor junior team members to meet deadlines
  • Present findings and trends to senior management, consult on areas of improvement for development
  • Attend training as required to meet Oracle and compliance and regulatory standards.
  • Perform daily task in accordance of compliance and regulatory standards
  • Other duties as assigned
  • Qualifications

  • 4+ years of experience with offensive cyber-security in cloud environments
  • Experience in leading technical teams and ability to mentor others
  • Demonstrated history of vulnerability discovery (CVEs, etc.)
  • Experience working in a large multi-tenet cloud environments
  • Strong application / product / software security background
  • Excellent organizational, verbal and written communication skills
  • Strong understanding of modern microservices architectures and technology (like Docker,
  • Kubernetes, etc)
  • Strong understanding of Linux and Shell scripting
  • Ability to read and understand moderately complex Python code
  • Strong knowledge of network protocols (e.g., TCP / IP, UDP, DHCP, DNS, HTTP, HTTPS, routing protocols)
  • Strong understanding in system and network security, authentication and security protocols, cryptography, and application security
  • Strong troubleshooting and diagnostic skills
  • Ability to multi-task and handle changing priorities
  • Experience working in a team environment; ability to learn from your peers and accept criticism
  • Self-motivation to drive solutions to completion
  • Self-starter, capable of working without direction and able to deliver from scratch.
  • Demonstrated ability to successfully complete complex engagements with minimal supervision
  • Bonus Qualifications

  • Relevant industry certifications such as CISSP, OSCP, GSEC, GPEN, GCFW, GWAPT, GAWN
  • Experience with Red Team and Table Top security exercises
  • Experience running Red Team - Blue Team exercises
  • Report this job
    checkmark

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    Apply
    My Email
    By clicking on "Continue", I give neuvoo consent to process my data and to send me email alerts, as detailed in neuvoo's Privacy Policy . I may withdraw my consent or unsubscribe at any time.
    Continue
    Application form