Sr. Software Developer â€“ 5G Product Security
The Oracle Communications 5G and Policy Management System Architecture team assists the product engineering organization and partners to build secure 4G and 5G products, services, and features. We develop strong product security practices, partner with product owners, engineers and executives to ensure new products and features meet the highest security standards. Security is reflected every day in the products and services we build, our company operates, and how we engage with service teams and partners. We are trusted advisers and guide the organization to deliver the most secure cloud in the industry.
Are you interested in securing a large-scale, highly-available, cloud-native, 5G communications solutions? Oracle Communications is building new 5G mobile network solutions that operate at high scale in broadly distributed and rapidly growing multi-tenant cloud environments. Our mission is to provide our customers with the most secure communications products and services.
We're looking for hands-on security software developers with expertise and passion in solving difficult security problems in distributed systems, multi-tenant services, and large-scale cloud-native infrastructures. If this is you, at Oracle Communications you can help design and build innovative new systems from the ground up. These are exciting times in our space - we are growing fast, and working on ambitious new initiatives. A security-focused software developer can make significant technical and business impact.
As a senior software developer in 5G Product Security you will work closely with engineers from the various 5G product and service development teams to lead building a secure architecture that is fundamentally sound and efficient. Your influence and innovation in design of the full system architecture is critical. You should be familiar with security at all levels of the software, hardware, and network stack; while being exceptionally deep in a few. Intellectual curiosity and an excitement for the challenges of securing complex, massive systems are a must. You should value simplicity and usability as well as security and work comfortably in a collaborative, agile environment.
Things youâ€™ll do:
- Consult software development teams in design and architecture of secure systems. Collect, identify, and develop best practices, patterns, and anti-patterns for specific security-related problems.
- Perform threat modeling exercises and propose technical controls for critical systems, conduct and facilitate technology security reviews including Secure SDLC testing requirements & Identify, prioritize, and help implement security improvements that maximize security while keeping developers productive
- Serve as security thought leader for all application security automation. Architect, design, prototype, support, and evaluate security-focused tools and services including project leadership. Assist with triage of findings from security tools. Develop and refine rules and checks for security automation.
- Research new security technologies
- Identify and understand inherent, systemic high-risk security issues that could lead to security incidents. Architect, design, prototype, support, and validate scalable security solutions to eliminate systemic issues, including project leadership.
- 4+ years of experience in product software development
- Experience developing applications using programming languages such as Java, C++, etc.
- Experience in several aspects of security:
- Security design and threat modeling
- Security consulting and development of best practices, patterns and anti-patterns, secure-by-default solutions
- Research of new security technologies
- Automation: from prototyping new security tools, evaluating/validating existing security tools, automation, to supporting and improving existing product security tools: SAST, DAST, IAST, RASP, SCA, etc.
- Systemic security issues: identifying, root cause analysis, designing security solutions, including project leadership
- Web application security experience:
- web application vulnerabilities and mitigations beyond the OWASP Top 10
- Expert in web browser security
- Experience with federation protocols (SAML, OAuth)
- Network security experience:
- Building network security architectures for complex global networks
- Network and web related protocols such as, TCP/IP, UDP, IPSEC, HTTP, HTTPS, Routing protocols, such as BGP and route reflectors.
- Hands-on experience with fuzz testing to identify vulnerabilities and security risks in different Protocols and interfaces
- Knowledge of cloud-based security principles; cloud security vulnerabilities and their best practices
- Bachelorâ€™s degree, Masterâ€™s degree preferred, (or equivalent experience) in Computer Science or related field
- Strong sense of ownership, urgency, and drive
- Demonstrable teamwork skills and resourcefulness
- Possess self-drive to keep moving things forward even in the face of ambiguity and imperfect knowledge (avoid â€œanalysis paralysisâ€�)
- Sharp analytical abilities and proven design skills
Design, develop, troubleshoot and debug software programs for databases, applications, tools, networks etc.
As a member of the software engineering division, you will assist in defining and developing software for tasks associated with the developing, debugging or designing of software applications or operating systems. Provide technical leadership to other software developers. Specify, design and implement modest changes to existing software architecture to meet changing needs.
Duties and tasks are varied and complex needing independent judgment. Fully competent in own area of expertise. May have project lead role and or supervise lower level personnel. BS or MS degree or equivalent experience relevant to functional area. 4 years of software engineering or related experience.
Innovation starts with inclusion at Oracle. We are committed to creating a workplace where all kinds of people can be themselves and do their best work. Itâ€™s when everyoneâ€™s voice is heard and valued, that we are inspired to go beyond whatâ€™s been done before. Thatâ€™s why we need people with diverse backgrounds, beliefs, and abilities to help us create the future, and are proud to be an affirmative-action equal opportunity employer.
Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans status, age, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law.