Offensive Security Engineer

Offensive Security Engineer Preferred Qualifications Location: Bristol, UK Requirement: **_ * SC clearance required_** Job Description: The OracleCloud Infrastructure (OCI) team can provide you the opportunity to buildand operate a suite of massive scale, integrated cloud services in abroadly distributed, multi-tenant cloud environment. OCIis committed to providing the best in cloud products that meet the needsof our customers who are tackling some of the world's biggestchallenges. We offer unique opportunities for smart, hands-on engineers with theexpertise and passion to solve difficult problems in distributedhighly available services and virtualized infrastructure. Atevery level, our engineers have a significant technical and businessimpact designing and building innovative new systems to power ourcustomer's business critical applications. We're looking for hands-on cloud hackers with expertise and passion inidentifying and exploiting complex security problems indistributed, multi-tenant services and infrastructure. Oracle Cloud Infrastructure (OCI) provides Infrastructure-as-a-Service. We operate distributed systems at a high scale, worldwide. These are the foundation of our cloud environment. Our customers run their businesses on our cloud, and our mission is to provide them with a best-in-class and ever-expanding set of cloud-based services. **Within OCI, the Offensive Security group conducts penetration tests,hardware security research, and operates our red team. We ensurethe security of software and hardware that run our cloudinfrastructure, and strive to continuously improve our security stance.** The OCI Offensive Security group works as a team. We don't try to fit people into predefined roles. We bring together the right people who can enhance the capability of the team, and build roles around the person's skills and interests. These are exciting times in our space. We are growing fast, still at an early stage and working on ambitious new initiatives. A security-focused engineer at any level can have significant technical and business impact. Come shape the future of one of the largest clouds on earth with us. Overall, OCI Offensive Security team performs a variety of work ranging from penetration testing, fuzzing, red-teaming and tool development. To get you excited, here is a list of some of the projects over the last year this team has worked on: * Big iron - ExaLogic, ExaData, UltraSPARC, InfiniBand * Firmware reverse engineering of various hardware components * Developing custom fuzzing platforms for code-coverage analysis * Several different hypervisors * Linux and Windows kernel mode non-sense * The list goes on and on! Responsibilities **Some of our people have qualifications like the ones listed below.Our ideal candidate is passionate about security and furtheringtheir knowledge every day. You enjoy diving into complex source codeaudits to reveal subtle security vulnerabilities, writing new tools suchas fuzzers in languages such as C/C , Python, Ruby, Go or Java,tearing apart an undocumented file format or network protocol and comingup with novel techniques to solve unique and interesting securityproblems. We hope you like working at scale as much as we do much as wedo, because Oracle has no shortage of it.** * Bachelor's or Master's degree in Computer Science or related field or equivalent experience * 3 years of experience in vulnerability discovery / security engineering / application security * Emergent threat testing * Experience working in a large cloud or software company * Strong application/product/software security background * Ability to effectively assess and communicate risks and appropriate levels of urgency to management and engineering staff * Excellent organizational, verbal and written communication skills * Ability to succeed through collaboration and working through internal and external organizations and individuals * Prior DevOps or continuous delivery and deployment experience Some of our senior people have qualifications like these: * Master's degree in Computer Science or related field or equivalent experience * 7 years of experience in vulnerability discovery / security engineering / Application Security * Demonstrated history of vulnerability discovery (CVEs, etc.) * Extensive research or experience with multiple classes of security bugs * Conducting training / thought leadership / conference talks / publications Detailed Description and Job Requirements Design, develop, troubleshoot and debug software programs for databases, applications, tools, networks etc. As a member of the software engineering division, you will assist in defining and developing software for tasks associated with the developing, debugging or designing of software applications or operating systems. Provide technical leadership to other software developers. Specify, design and implement modest changes to existing software architecture to meet changing needs. Duties and tasks are varied and