CX Marketing Security Architecture Specialist
Toronto, ON, Canada
The Security Architecture Specialist is a CX Marketing (CXM) Cross-Product position, whose role is the dedicated technical expert for CXM security. This person provides expertise, consultancy, guidance, review, and hands-on assistance to CXM product engineering teams to ensure secure processes and security of their products, and to ensure compliance with Oracle security standards. In addition, this role performs operational duties such as the installation, administration, support, and assistance in the usage of various security test tools used by the CXM product teams.
This role requires close collaboration with the CXM Security Lead and Program Management, and the Security Points of Contact (aka SPOCs) of the CXM products. In addition, there will be collaboration with various external Oracle security teams including Global Product Security (GPS), Corporate Security Architecture (CSA), Global Information Security (GIS), and the Oracle Cloud Infrastructure (OCI) and Cloud SaaS Security teams.
The duties of the position include:
- Testing: Establish an approach, methodology, framework, and assist, for regular and frequent penetration and other security tests of CXM products. Guide the CXM product teams on best practices for testing and the usage of the security tools. In some circumstances, perform spot checks and run tests on the CXM products outside of the regularly schedule security testing.
- Development: Work hands-on alongside the CXM product SPOCs and their products to help them with using the various security tools required for testing. Also, help them with integration to Oracle tools, such as Secure Testing as a Service (STaaS) and Open Source Compliance Service (OSCS). Provide automation components and training/rules of thumb/FAQs to help the product teams utilize and leverage the security testing tools to their potential. Evaluate and do proof-of-concept of new or updated security tools to be used by CXM products.
- Operations: Manage any CXM centralized tool instances and licenses (e.g. WebInspect and Fortify) including working with Program Management to manage a shared CXM schedule.
- Security Guru: The full-time Security Expert/Technical Lead who can deeply focus and provide subject matter expertise to help the CXM products with their Oracle Software Security Architecture (OSSA) compliance needs .This may include providing security lead representation, documentation illustrating best practices, guidelines, FAQs, etc. This person will also evangelize the need for secure practices and products and promote collaboration and sharing of ideas and experience across the CXM organization. This may include activities, such as leading monthly CXM security awareness forums with the CXM product SPOCs.
Skills we are looking for:
- Hands-on experience and knowledge in cybersecurity of distributed complex systems
- Experience with data encryption, cryptography, security controls
- Experience with cybersecurity best practices, tools, threats, and vulnerabilities (CIS, CVE)
- Proficient programming language skills such as scripting, Python, Java, etc.
- Proficient Linux skills, both in usage and administration.
- A strong collaborator that is comfortable working across multiple teams and organizations.
- Strong written and verbal communication skills with the ability to appropriately explain complex concepts to various levels within the organization (e.g. Developer through to Senior Vice President)
- Detail oriented, with ability to track and report on security related topics and progress across the entire CXM organization.
- Ability to build and nurture professional relationships necessary for ensuring that CXM is adhering to current and ever-maturing security standards and practices.
- Security certifications, e.g., such as CompTIA Security+, CompTIA PenTest+, CEH, CISSP
- Experience in threat modeling or other risk identification techniques to develop security solutions
- Good understanding of databases, NoSQL systems, storage and distributed persistence technologies.
- Experience with SaaS multi-tenant, virtualized and container infrastructure a strong plus
- Experience with Cloud applications, services, platforms, and infrastructure a strong plus
- Experience working within large and distributed organizations.
Detailed Description and Job Requirements
Design, develop, troubleshoot and debug software programs for databases, applications, tools, networks etc.
As a member of the software engineering division, you will take an active role in the definition and evolution of standard practices and procedures. Define specifications for significant new projects and specify, design and develop software according to those specifications. You will perform professional software development tasks associated with the developing, designing and debugging of software applications or operating systems.
Provide leadership and expertise in the development of new products/services/processes, frequently operating at the leading edge of technology. Recommends and justifies major changes to existing products/services/processes. BS or MS degree or equivalent experience relevant to functional area. 8 or more years of software engineering or related experience.
Job: Product Development
Job Type: Regular Employee Hire
Your application has been successfully submitted.