SOC Analyst-2100038X
Applicants are required to read, write, and speak the following languages: English
We are seeking a SOC Analyst to join the Oracle+NetSuite Security team responsible for securing systems, infrastructure, services and data. The Security Operations Center Analyst will use data collected from a variety of information security tools (including intrusion detection system alerts, firewall and network traffic logs, and host system logs) to analyze events that occur within the enterprise and perform threat analysis as well as investigate and analyze all response activities related to potential security incidents within the enterprise.
- Provide tier 2 analytical support to the monitoring team, and respond to security incidents, draft incident reports, and note lessons learned
- Monitor and analyze security events, network traffic, and security alerts across the enterprise
- Identify security events requiring immediate escalation and response
- Perform advanced analysis of security events and alerts
- Correlate events from multiple sources during investigations
- Develop processes and response procedures to improve overall SOC functions
- Conduct investigations of potential intrusion attempts to determine remediation actions and escalation paths
- Perform incident response and handling following documented procedures
- Document and track investigation activities during an incident
- Monitor external data sources to maintain currency of information security threat condition and determine which security issues may have an impact on the enterprise
Required skills and experience:
- Knowledge of security controls including network security technologies (IDS, IPS, firewall, DLP, NAC, and WAF), OS hardening, file integrity monitoring, authentication
- Strong understanding of system and network security threats and vulnerabilities
- Understanding of TCP/IP and data packet capture, networking fundamentals, common network services, network vulnerabilities and network attack patterns.
- Experience in security event monitoring and triage, incident response, and/or system/network auditing
- Hands-on experience analyzing data using a Security Information and Event Management (SIEM) system
- Experience using Splunk and Splunk ES
- Familiarity with network and endpoint security applications and tools including network scanning tools, NIDS/HIDS, firewalls and web proxies
- Self-motivated, with excellent analytical, problem-solving and critical thinking skills
- Works well in a team environment and independently
- Ability to communicate well verbally and in writing
- 2+ years as a SOC Analyst
- 3+ years in Information Technology, preferably as a security engineer, system administrator, or network engineer
- B.Sc. in Computer Science, Computer Engineering, MIS, or equivalent experience
Preferred skills and experience:
- Experience with Linux system administration, scripting, log parsing, vulnerability assessments/penetration testing, or vulnerability management
- Scripting and programming knowledge and experience
- Work experience at a cloud service provider
- Recognized industry certification and/or continuing education programs are a major plus including GCIH, GCIA, CISSP, GCFA, GMON, GREM, GNFA
Detailed Description and Job Requirements
Responsible for the planning, design and build of security architectures; oversees the implementation of network and computer security and ensures compliance with corporate security policies and procedures.
Responsible for basic planning, design and build of security systems, applications, environments and architectures; oversees the implementation of security systems, applications, environments and architectures and ensures compliance with information security standards and corporate security policies and procedures. Assist in development of incident response capabilities, training, and tool validation. May research, evaluate, track, and manage information security threats and vulnerabilities in situations where analysis of well-understood information is required and where computer programming/scripting knowledge is required. May participate in an incident management team, responding to security events in line with Oracle incident response playbooks. Investigates purported intrusions and breaches, and oversees root cause analysis. Coordinates incidents with other business units and may assist the Incident Commander during serious incidents. Participates in developing new methods, and playbooks, as well as basic scripts, applications, and tools. Research industry trends and constantly assess current controls and threat posture of new and existing products and services. Recommend and implement new security controls across Oracle’s line of business (LOB). Improve current processes and workflows to minimize manual efforts.
Minimum of 5 years related experience in an information security role, supporting security programs and security engineering/architecture in complex enterprise environments. Hands on experience with enterprise security architecture, engineering and implementation required. Knowledge of compliance program security controls, like ISO 27001, SOC 2, HITRUST, and FedRAMP, as applied to cloud SaaS, PaaS and IaaS operations. Familiarity with SDLC principles and scripting & programming languages (such as Terraform, Python, Ruby, etc.).
Preferred but not required qualifications include: Bachelor-level university degree in a relevant field from an accredited university, or equivalent. Experience in developing secure, scalable cloud architectures and distributed systems. Experience with high-level software design and development and the design, use, and deployment of automation and orchestration frameworks. Demonstrable scripting or programming experience.
As part of Oracle's employment process candidates will be required to successfully complete a pre-employment screening process. This will involve identity and employment verification, professional references, education verification and professional qualifications and memberships (if applicable).
:Information Security Engineering
:Yes, 25 % of the Time
:CZ-CZ,Czech Rep-Prague, RO-RO,Romania-Bucharest
:Regular Employee Hire