The Oracle Cloud Infrastructure (OCI) Offensive Security team provides OCI with the capabilities to ensure our systems and services meet the security objectives we communicate to customers. The Offensive Security group performs security assessments, vulnerability research, static and dynamic analysis research, penetration testing, red-teaming, and security tool development. We ensure the security of the software and hardware that runs our cloud infrastructure and strive for continuous improvement. The OCI Offensive Security group works as a team. We don't fit people into predefined roles. We bring together the right people who enhance team capability and build roles around each team member's skills and interests.

Values are OCI's foundation and how we deliver excellence. We strive for equity, inclusion, and respect for all. We are committed to the greater good in our products and our actions. We are continually learning and taking opportunities to grow our careers and ourselves. We challenge each other to stretch beyond our past to build our future. You can learn more about us by visiting https://cloud.oracle.com/cloud-infrastructure .

Are you interested in building large-scale distributed security systems and tools for the cloud? Do you love the idea of working in an environment with the excitement of a start-up, but the financial backing of a Fortune 100 company? This role offers huge upside potential, high visibility, and fast career growth without the risks of a typical start-up. We are growing fast, maturing, and working on results-oriented initiatives. A security-focused leader can have significant technical and business impact. This is a unique opportunity to work with smart people to solve complex problems in distributed systems, security, and multi-tenant Infrastructure-as-a-Service (IaaS) operating at massive scale. The biggest challenges for the team is the dynamic and fast growth of the business, driving us to improve our systems, tools, and automation to scale to our security expertise several orders of magnitude greater than what we can support today. We understand that software is living and needs investment. The challenge is making the right tradeoffs, communicating those decisions effectively, and crisp execution. We hope you like working at scale as much as we do because Oracle has no shortage of it! Craft the future of one of the largest clouds on earth with us!

Our ideal candidate is a hardworking and hands-on leader concerned with both security and building the best team possible, a passionate leader about security and furthering their knowledge every day as well as their team, and has previous experience working in the cloud/hardware industry and leading a group of scary smart hackers that operate in a distributed, multi-tenant service infrastructure.

This role is for a hands-on leader to drive the Offensive Security Assessments Team and testing efforts for Oracle's suite of public cloud services.

• Leading a diverse set of personalities and talent
• Understanding the importance of a healthy and supportive team culture
• Support a culture of accountability, integrity and high expectations
• Effectively communicate to anyone in the organization, from the most technical operator to senior leadership
• Stay abreast of known vulnerabilities which can impact our cloud and customers, and work towards applying appropriate mitigations
• Guide and mentor the teams which perform security reviews, and clearly communicate their findings
• Drive implementation and verification of security features to enhance the security of our platforms
• Recommend methodologies for secure service development driving continuous improvement in the engineering organization - Including mentoring, developing, and delivering training materials as well as producing frameworks to reduce standard methodology patterns to an application for use in production efforts
• Collaborate to develop a long-term security roadmap for the features we invest in first
• Responsibly and securely disclose 3rd party vulnerabilities to vendors
• Provide direction and advice on emerging threats, weaknesses, and security practices that may impact the security posture of OCI
• Manage and lead the performance of security teams and security testing activities
• Be able to critically examine an organization and system through the perspective of a threat actor and articulate risks in clear, detailed terms.
• Guiding effective remediations and fixes in our platforms
• Demonstrate solid understanding of distributed networks, major operating systems and their associated peripherals