At Oracle Cloud Infrastructure (OCI), we build the future of the cloud for Enterprises as a diverse team of fellow creators and inventors. We act with the speed and attitude of a start-up, with the scale and customer-focus of the leading enterprise software company in the world.
Values are OCI's foundation and how we deliver excellence. We strive for equity, inclusion, and respect for all. We are committed to the greater good in our products and our actions. We are constantly learning and taking opportunities to grow our careers and ourselves. We challenge each other to stretch beyond our past to build our future.
You are the builder here. You will be part of a team of really smart, motivated, and diverse people and given the autonomy and support to do your best work. It is a dynamic and flexible workplace where you'll belong and be encouraged.
The OCI Threat Intelligence Center is responsible for the tracking and monitoring of a range of threat actors from cybercrime to Advanced Persistent Threat (APT) groups impacting OCI and its customers. The scope and responsibility of this team include attack analysis, tracking threat actors' indicators of compromise (IOCs) and their tactics, techniques, and procedures (TTPs), aiding in security incident response, executive communication, and customer outreach.
As a Cleared Threat Intelligence Investigator, you will primarily focus on the day-to-day actions of threat actors that are of most significant value to our public sector partners. You will be responsible for tracking numerous groups independently and leading operational activities when situations present themselves. You will engage directly with public-sector customers and be responsible for maintaining those relationships and producing deliverables upon request. A passion for cyber security, researching and remaining current on attack trends, and the ability to adapt to an organic and fast-paced environment are a must.
- Lead collection and analysis efforts of suspected advanced persistent threat campaigns across the OCI ecosystem, develop remediation plans, and drive incidents to resolution and attribution.
- Manage various communication streams including cross company and executive communications
- Work with National Security Group and Corporate Affairs on various key initiatives
- Keep up-to-date on geopolitical issues across the world and be able to translate them into potential and future cyber incidents involving Oracle and its ecosystem
- Be an advocate for the needs of customers and help change scope and direction of Threat Intelligence program when necessitated.
- Develop and maintain threat intelligence procedures and runbooks.
- Ingratiate into the larger Threat Intelligence community to create and maintain trust networks.
- Currently possesses a United States TS / SCI security clearance with polygraph.
- 4-6 years of industry experience performing analytical and operational work and case management against advanced threats. Have worked at least 3-4 different APT groups across at least two different regions in the world.
- Experience in one or more of the following fields of work: National security, military, federal intelligence, law enforcement, criminology, and/or foreign areas and language
- A broad background in information security with experience in security operations, vulnerabilities and exploitation, network security, and cloud security.
- Experience with a variety of operating systems and threats that target them including Windows, UNIX/LINUX, and MacOS
- Experience performing open source research on a variety of topics
- Excellent verbal/non-verbal communication skills with proficient ability to deliver technical information to non-technical staff
- Previous Incident Response, Security Operations Center, and/or Forensic Analyst experience preferred
- Previous experience with malware analysis and/or reverse engineering capabilities highly desired
- Knowledge of common attack types/vectors and associated mitigations.
- Knowledge of how to use structured queries to pull data from logs and the ability to formulate signatures, such as the ability to use YARA, Snort, Suricata, and Bro/Zeek successfully
- BS or MS degree in Computer Science, Computer Engineering, Information Systems, Cyber Security, or equivalent experience
- Prior experience working on a global security team is a plus