Principal cloud security engineer waf-220006is
*applicants are required to read, write, and speak the following languages*: english
*preferred qualifications*
*position overview*
the saas cloud security (scs) engineering organization is looking for an innovative and experience cloud web application firewall (waf) engineer to join our next generation devsecops projects in reshaping the cloud services landscape across all industry verticals and the world's most critical organizations.
the scs organization for securing enterprise-grade software services on behalf of our 25,000 customers, processing over 60 billion transactions per day.
*requirements*:
- 7+ years of cumulative experience in devsecops engineering, automation,, network security firewalls / loadbalancers, linux/ weblogic, identity management
- bachelor's degree in computer science or information technology
- devsecops experience and sdlc lifecycle
- excellent scripting experience in any of shell/ perl/ python etc languages
- linux administration: advanced including rpm build / grep / sed / awk utils
- fluency desired in any of the below cloud/ devops tools and technologies
- postman: rest api
- microservice platform: kubernetes administration including security
- microservice imaging: docker build and deploy
- cm tools: chef, python and ansible
- infra as code: terraform using cloud provider
- cloud infra: oracle cloud infrastructure/ aws/ azure/ gcp etc
- strong knowledge of network security architectures, including firewalls, demilitarized zones (dmz), router acls (access control lists), and web content filters.
reasonable knowledge of networking i.e., dns records, loadbalancers, subnets etc.
- strong understanding of on premise and cloud based web application firewall technologies
- experience with security programming using rest api's and automation
- knowledge of waf (web application firewall) concepts and implementation experience on any cloud platform
- basic understanding of system exploits (e.g., buffer overflows, pth attacks, windows authentication framework etc.).
basic understanding of ddos techniques and mitigation mechanisms
- oracle cloud infrastructure -oci prior knowledge and/ or certification desired.
- knowledge of http/s basic authentication, forms-based authentication including saml, sso & oauth standards
- experience with common http troubleshooting tools like httpwatch, fiddler & samltracer
*responsibilities*
- plan and drive waf implementation planning and deployment motions across the oracle saas fleet
- triage and understand waf logs to detect the potential threats/ blocks and tune waf policies for any red herrings
- automate and integrate incident response plans based on waf events
- build and update threat models based on waf event patterns.
- lead global architecture and deployment of web application firewalls (waf) working in close conjunction with security architecture and internal stakeholders
- monitors systems activities and fine tunes system parameters and configuration to optimize performance and ensure security of systems
- act as an escalation point for the waf team to assist and advice on issues associated with waf
- good analytic and trouble-shooting skills
- ability to collaborate and thrive in a dynamic high performing environment
- collaborate with team by promoting good ideas and concepts, help other team members grow their skills
- good written and verbal communication skills
*detailed description and job requirements*
be a part of the e-business suite success story.
work with oracle's world class technology to develop, implement, and support oracle's global infrastructure.
*oracle is an affirmative action-equal employment opportunity employer.
all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability, protected veterans status, age, or any other characteristic protected by law.
*
*job*: information technology
*travel*: no
*location*: mx-mx,mexico-guadalajara/zapopan
*job type*: regular employee hire
*organization*: oracle