Missouri Information Technology Jobs

Jobs.mo.gov mobile logo

Job Information

Oracle Penetration Tester 4 in Chesterfield, Missouri

Performs penetration testing and attack simulations on business critical infrastructure including internal servers, networks and applications to identify and resolve security flaws.

Performs penetration testing and attack simulations for business critical infrastructure including internal servers, networks and applications to identify and resolve security flaws. May also lead and supervise others competing these tasks. Self-scoping assessments. Researches and experiments with various methods attackers could use to exploit information security vulnerabilities. Develops standard methodologies and techniques for conducting penetration testing, including developing standard tool-sets and automating testing. Oversees and directs security testing activities within specific Oracle Lines of Businesses. Completes threat assessment reports that outline penetration test findings and presents findings to management. Verifies and automates exploits by developing scripts for colleagues to utilize.

Minimum 8 years combined experience from at least three of the following: security testing, systems development, systems administration, network administration, scripting, and security testing automation required. Preferred but not required qualifications include: BS or MS in Computer Science, Computer Security or Computer Engineering. Holds relevant industry certifications such as OSCP/ CREST CRT, CREST CCT Inf/App, OSCE, CISSP, GSEC, GPEN, GCFW, GWAPT, GAWN or equivalent. Has Common Vulnerabilities and Exposures (CVEs). Has contributed to an open source project.

Oracle is an Affirmative Action-Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability, protected veterans status, age, or any other characteristic protected by law.

This role is within Oracle SaaS Cloud Security. This team is responsible for ensuring the protection of Oracle s SaaS applications.

Oracle SaaS a.k.a. Oracle Cloud applications, built on machine learning, offer the most complete application suite with the best technology, enabling fast innovation with a modern UX and customer-first approach and one of the top strategic cloud services for Oracle. The SCS organization is responsible for securing enterprise-grade software services on behalf of our 25,000 customers, processing over 60 billion transactions per day.

You will have the opportunity to work in a cloud-scale environment using the latest security technologies/tools and collaborate with the best minds in the industry, to collectively stay ahead and respond to increasing threats to cloud services. And you will actively engage in conducting black box application security testing - complementing what the development teams do in a more holistic and more integrated setting through the security automation and tooling. Team responsibilities will include Dynamic App Security Testing/Fuzz Testing, Interactive / manual App security testing, network/OS security testing, firewall rules, security verifications.

About you:

Successful applicants will possess the knowledge necessary to conduct ethical hacking activities on;

web applications, middle-ware, Java containers/technologies,databases, systems and networks

Ethical hacking activities will be focused primarily on network applications and operating systems, but will also include the entire stack that comprises the Oracle Cloud

Familiarity with linux commandline and command line based scripts and tools for pen testing is required.

A background in web development and debugging is a plus, as is knowledge of common web application penetration testing tools and the ability to write/scripts and additional tools on an as needed basisMinimum Qualifications

5 years of experience with penetration testing.

BS in Computer Science, or equivalent experience

Ability to work in a collaborative, cross-functional team environment

In depth knowledge of security vulnerabilities including a detailed understanding of the OWASP top 10, secure design and secure coding principles

Ability to prioritize and handle concurrent assignments or projects.

Excellent team player, willing to share knowledge and skills with peers and team members

Strong presentation, written and verbal communication skills

Experience in security testing tools including static analysis, web application testing, infrastructure and network testing, and manual security testing requiredPreferred Qualifications

Experience penetration testing of Enterprise software, SaaS, IaaS or PaaS cloud services, 2 years minimum preferred

Experience with security tools like Burp Proxy, WebInspect, Appscan, Nessus, Qualys etc.

Proficient in at least one (preferably two) of the following languages: Java, C#, Go, Rust, Scala, Ruby, Python, JavaScript, or another object-oriented language

Strong grasp of Linux and Unix-like operating systemsOracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans status or any other characteristic protected by law.

Job: *Information Security Engineering

Organization: *Oracle

Title: Penetration Tester 4

Location: United States

Requisition ID: 2000112W

DirectEmployers