Security Engineer

As a Security Engineer at Oracle Cloud Infrastructure (OCI), you will be at the forefront of designing and building secure cloud systems that support global business operations. You will drive the planning, implementation, and continual improvement of robust security architectures—leveraging automation, orchestration, and AI to protect network and computing environments.

In this role, you will leverage Oracle Cloud services (OCI), and Palo Alto Networks Cortex XSOAR to deliver next-generation security automation. You will work closely with security operations, engineering, and compliance teams to ensure timely detection and mitigation of threats, while also streamlining and optimizing security workflows using cutting-edge tools and methodologies.

Key Responsibilities

• Lead automation and orchestration of security processes, utilizing XSOAR to reduce manual efforts and accelerate incident response.

• Plan, design, and build security architecture for network, infrastructure, and cloud environments in OCI.

• Oversee implementation of enterprise security controls and solutions, ensuring adherence to Oracle's security policies and industry standards.

• Collaborate in the development and enhancement of incident response capabilities, contributing to playbook design, tool selection, and team training.

• Research, track, and manage information security threats and vulnerabilities, leveraging both technical analysis and threat intelligence.

• Participate in incident response, root cause analysis, and workflow optimization, coordinating with cross-functional teams and escalating as needed.

• Develop and maintain scripts, tools, and AI-powered solutions to automate security monitoring, alerting, and response processes.

• Continuously assess and enhance security controls in alignment with the latest industry trends, risks, and compliance mandates (e.g., ISO 27001, SOC 2, HITRUST, FedRAMP).

• Recommend and implement security control improvements across Oracle's business lines to ensure a strong, proactive security posture.

Required Qualifications

• 5+ years of progressive experience in information security, with hands-on roles supporting enterprise engineering.
• Proven expertise designing and implementing large-scale security solutions cloud-centric environments.
• Strong experience with programming and scripting (Python required)
• Substantial experience with security automation and orchestration frameworks, particularly Cortex XSOAR.
• In-depth knowledge of regulatory and compliance requirements (ISO 27001, SOC 2, HITRUST, FedRAMP) and application in cloud (SaaS, PaaS, and IaaS) operations.
• Familiarity with SDLC, DevSecOps practices, and modern CI/CD pipelines.

Preferred Qualifications

• Master's degree or additional certifications (e.g., CISSP, CISM, CCSP, AWS/Azure Architect).
• Experience integrating AI/ML solutions into security operations.
• Demonstrated success developing and deploying automation tools to streamline SecOps.

• Experience using PAN XSOAR.

• Lead automation and orchestration of security processes, utilizing XSOAR to reduce manual efforts and accelerate incident response.

• Plan, design, and build security architecture for network, infrastructure, and cloud environments in OCI.

• Oversee implementation of enterprise security controls and solutions, ensuring adherence to Oracle's security policies and industry standards.

• Collaborate in the development and enhancement of incident response capabilities, contributing to playbook design, tool selection, and team training.

• Research, track, and manage information security threats and vulnerabilities, leveraging both technical analysis and threat intelligence.

• Participate in incident response, root cause analysis, and workflow optimization, coordinating with cross-functional teams and escalating as needed.

• Develop and maintain scripts, tools, and AI-powered solutions to automate security monitoring, alerting, and response processes.

• Continuously assess and enhance security controls in alignment with the latest industry trends, risks, and compliance mandates (e.g., ISO 27001, SOC 2, HITRUST, FedRAMP).

• Recommend and implement security control improvements across Oracle's business lines to ensure a strong, proactive security posture.