Product Security Architect

  • Oracle
  • Boulder, CO, USA
  • Sep 14, 2018
[Information Technology]

Job Description

Design, develop, troubleshoot and debug software programs for databases, applications, tools, networks etc.

As a member of the software engineering division, you will take an active role in the definition and evolution of standard practices and procedures. You will be responsible for defining and developing software for tasks associated with the developing, designing and debugging of software applications or operating systems.

Work is non-routine and very complex, involving the application of advanced technical/business skills in area of specialization. Leading contributor individually and as a team member, providing direction and mentoring to others. BS or MS degree or equivalent experience relevant to functional area. 7 years of software engineering or related experience.

*Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans status or any other characteristic protected by law.*

*Application SecurityArchitect*

* *

Oracle Food & BeverageGBU software delivers fully integrated food and beverage solutions customizedto fit unique business requirements. With a robust end-to-end portfolio, Oraclesolutions enables food and beverage operations that help streamline managerialtasks and increase speed of service, while elevating the guest experience.

*Job Summary*

Acts as an architecturalresource responsible for the security of Oracle Food & Beverage Point ofSale software. Work closely with cross-functional product developmentteams to continually improve software security, provide solutions to improveoverall system quality. Collaborate with product engineers to integratesecurity requirements into our technical architecture. Represent our technicalcapabilities to internal and external auditors and translate their findingsinto tangible actions for developers and operators. Guide our teams inintegrating Oracle Software Security Assurance program objectives into ourstrategies, technologies and processes.


-{PS..0}-> -{PS..1}->Establish best practices to meet security, compliance, and auditrequirements.

-{PS..2}-> -{PS..3}->Develop procedures to automate security tasks during the build anddeployments.

-{PS..4}-> -{PS..5}->Evaluate open security issues and guide development teams inaddressing them.

-{PS..6}-> -{PS..7}->Deploy security solutions in development and cloud environments.

-{PS..8}-> -{PS..9}->Provide expert knowledge of latest security threats andremediation techniques.

-{PS..10}-> -{PS..11}->Ability to act as the security mentor and primary contact to thedevelopment team.

-{PS..12}-> -{PS..13}->Mentor and train the development team on security best practicesand processes.

*Requirements &Qualifications*

-{PS..14}-> -{PS..15}->BS or MS degree or equivalent experience relevant to functionalarea.

-{PS..16}-> -{PS..17}->7 years of software engineering and 4 years of applicationsecurity or related experience.

-{PS..18}-> -{PS..19}->Expertise with browser security controls, application securitystandards such as OWASP ASVS/Top 10, CWE 25 and vulnerability handling andscoring with CVSS.

-{PS..20}-> -{PS..21}->Fluency with security testing including SAST, DAST, penetrationand Fuzz testing.

-{PS..22}-> -{PS..23}->Significant security development and/or security assuranceexperience

-{PS..24}-> -{PS..25}->Experience in effective implementation of secure developmentprocesses.

-{PS..26}-> -{PS..27}->Familiarity with Security tools like Fortify, Burp Suite,QualysGuard and ZAP.

-{PS..28}-> -{PS..29}->Experience in developing, documenting, and maintaining securityprocedures.

-{PS..30}-> -{PS..31}->Ability to clearly and effectively communicate concerns, issues toother teams.

*Preferred Qualifications*:

-{PS..32}-> -{PS..33}->Senior level developer with a thorough knowledge of good designand coding practices.

-{PS..34}-> -{PS..35}->In-depth knowledge of the represented component as well asknowledge of how the component fits in to the final product.

-{PS..36}-> -{PS..37}->Communication skills to facilitate compliance issues and securityvulnerability handling with the team as required.

-{PS..38}-> -{PS..39}->Ability to stay current on software security issues.

-{PS..40}-> -{PS..41}->Experienced developer with 5 years of C# and .NET developmentexperience.

-{PS..42}-> -{PS..43}->Good understanding of DevSecOps in maintaining security in CI/CDprocesses.

Location: Opento candidates currently based in US


**Job:** **Product Development*

**Organization:** **Oracle*

**Title:** *Product Security Architect*

**Location:** *United States*

**Requisition ID:** *180012O8*