Current jobs related to Principal Security Researcher - United Kingdom - Oracle
-
Principal Security Engineer
7 days ago
United Kingdom Intaso Full time €100,000 - €115,000Job - Principal Security Engineer Job Type - Full Time Permanent Salary - £100,000 to £115,000 + Benefits + Discretionary bonus Location - Remote (potential of 2 days a month in Leeds or London) We have an exciting new opportunity our key client in their Security Architecture team for a Principal Security Engineer. You will support the client during...
-
Principal Security Engineer
6 days ago
United Kingdom Intaso Full time €100,000 - €115,000Job - Principal Security Engineer Job Type - Full Time Permanent Salary - £100,000 to £115,000 + Benefits + Discretionary bonus Location - Remote (potential of 2 days a month in Leeds or London) We have an exciting new opportunity our key client in their Security Architecture team for a Principal Security Engineer. You will support the client during...
-
Principal Security Engineer
7 days ago
United Kingdom Intaso Full time €100,000 - €115,000Job - Principal Security Engineer Job Type - Full Time Permanent Salary - £100,000 to £115,000 + Benefits + Discretionary bonus Location - Remote (potential of 2 days a month in Leeds or London) We have an exciting new opportunity our key client in their Security Architecture team for a Principal Security Engineer. You will support the client during...
-
Principal Security Engineer
7 days ago
United Kingdom Intaso Full timeJob - Principal Security Engineer Job Type - Full Time Permanent Salary - £100,000 to £115,000 + Benefits + Discretionary bonus Location - Remote (potential of 2 days a month in Leeds or London) We have an exciting new opportunity our key client in their Security Architecture team for a Principal Security Engineer. You will support the client during...
-
Principal Security Engineer
3 days ago
united kingdom Intaso Full timeJob - Principal Security Engineer Job Type - Full Time Permanent Salary - £100,000 to £115,000 + Benefits + Discretionary bonus Location - Remote (potential of 2 days a month in Leeds or London) We have an exciting new opportunity our key client in their Security Architecture team for a Principal Security Engineer. You will support the client during...
-
Principal Security Engineer
7 days ago
United Kingdom Intaso Full timeJob - Principal Security EngineerJob Type - Full Time PermanentSalary - £100,000 to £115,000 + Benefits + Discretionary bonusLocation - Remote (potential of 2 days a month in Leeds or London)We have an exciting new opportunity our key client in their Security Architecture team for a Principal Security Engineer. You will support the client during their...
-
Principal Security Engineer
6 days ago
United Kingdom Intaso Full timeJob - Principal Security EngineerJob Type - Full Time PermanentSalary - £100,000 to £115,000 + Benefits + Discretionary bonusLocation - Remote (potential of 2 days a month in Leeds or London)We have an exciting new opportunity our key client in their Security Architecture team for a Principal Security Engineer. You will support the client during their...
-
Principal Security Engineer
6 days ago
United Kingdom Intaso Full time €100,000 - €115,000Job - Principal Security Engineer Job Type - Full Time Permanent Salary - £100,000 to £115,000 + Benefits + Discretionary bonus Location - Remote (potential of 2 days a month in Leeds or London) We have an exciting new opportunity our key client in their Security Architecture team for a Principal Security Engineer. You will support the client during...
-
Security Researcher
2 weeks ago
United Kingdom Glasswall Full timeAs an Associate Security Researcher you will be working within the security research department which specializes in investigating and devising solutions to existing and potential threats. Projects issued to this department can span security insight, defensive testing, security engineering and development projects, full malware analysis/dissection projects...
-
Security Researcher
2 weeks ago
United Kingdom Glasswall Full timeAs an Associate Security Researcher you will be working within the security research department which specializes in investigating and devising solutions to existing and potential threats. Projects issued to this department can span security insight, defensive testing, security engineering and development projects, full malware analysis/dissection projects...
-
Security Researcher
2 weeks ago
United Kingdom Glasswall Full timeAs an Associate Security Researcher you will be working within the security research department which specializes in investigating and devising solutions to existing and potential threats. Projects issued to this department can span security insight, defensive testing, security engineering and development projects, full malware analysis/dissection projects...
-
Researcher cyber security
2 weeks ago
United Kingdom Glasswall Full timeAs an Associate Security Researcher you will be working within the security research department which specializes in investigating and devising solutions to existing and potential threats. Projects issued to this department can span security insight, defensive testing, security engineering and development projects, full malware analysis/dissection projects...
-
Researcher cyber security
2 weeks ago
United Kingdom Glasswall Full timeAs an Associate Security Researcher you will be working within the security research department which specializes in investigating and devising solutions to existing and potential threats. Projects issued to this department can span security insight, defensive testing, security engineering and development projects, full malware analysis/dissection projects...
-
Cyber Security Engineer
4 weeks ago
United Kingdom Iceberg Cyber Security Full timeWe are recruiting for our client's global Cybersecurity team and this hire will be the first Network Security Engineer in the London office. There are other engineers and SecOps engineers in London for you to collaborate with. The UK team has a brilliant office culture. Our client is more interested in your mindset and problem solving skills than the...
-
Experienced Security Engineer
3 days ago
United Kingdom Iceberg Cyber Security Full timeWe are recruiting for our client's global Cybersecurity team and this hire will be the first Network Security Engineer in the London office. There are other engineers and SecOps engineers in London for you to collaborate with. The UK team has a brilliant office culture. Our client is more interested in your mindset and problem solving skills than the...
-
united kingdom Iceberg Cyber Security Full timeWe are recruiting for our client's global Cybersecurity team and this hire will be the first Network Security Engineer in the London office. There are other engineers and SecOps engineers in London for you to collaborate with. The UK team has a brilliant office culture. Our client is more interested in your mindset and problem solving skills than the...
-
Experienced Security Engineer
3 days ago
United Kingdom Iceberg Cyber Security Full timeWe are recruiting for our client's global Cybersecurity team and this hire will be the first Network Security Engineer in the London office. There are other engineers and SecOps engineers in London for you to collaborate with. The UK team has a brilliant office culture. Our client is more interested in your mindset and problem solving skills than the...
-
Researcher (Data Analysis)
2 weeks ago
United Kingdom Albert Bow Full timePrincipal Quant Researcher | HFT | Remote Global They already have 3 office locations but this role can be remote first. High level of raw programming experience (Python, C++ or Rust) ~ The role is remote globally and again Crypto experience is not required, just an interest in the sector and a track record in trad fi HFT. Principal Quant Researcher...
-
Researcher (Data Analysis)
2 weeks ago
United Kingdom Albert Bow Full timePrincipal Quant Researcher | HFT | Remote Global They already have 3 office locations but this role can be remote first. High level of raw programming experience (Python, C++ or Rust) ~ The role is remote globally and again Crypto experience is not required, just an interest in the sector and a track record in trad fi HFT. Principal Quant Researcher...
-
Quantitative Researcher
3 days ago
united kingdom Albert Bow Full timePrincipal Quant Researcher | HFT | Remote Global I'm currently expanding a Crypto HFT team after their hugely successful $50m in funding. They already have 3 office locations but this role can be remote first. This is a new team within an established company and the Lead Trader comes from a strong background at DRW then Tower Research. He is open to...
Principal Security Researcher
4 months ago
Senior Principal Security Researcher – UK, remote
Global Product Security’s Ethical Hacking Team (EHT) is seeking experienced, passionate and talented security researchers who relish the challenge of assessing large, complex software products. As a member of the EHT you will be responsible for planning and delivering in-depth security assessments across Oracle’s entire product and service portfolio.
With hundreds of products spanning many different vertical markets, your next project could be anything from static and dynamic analysis of a multi-node Java infrastructure, to writing a fuzzer for an undocumented network protocol or the grammar of a new programming language, to analysis and reverse engineering of firmware used in the thousands of servers supporting our cloud services. Creativity is highly valued; being able to find novel bugs and stitch them together to create something greater than the sum of their parts is essential in this role.
This is not your run-of-the-mill pentesting gig where you grind out web application assessments week in week out. The EHT is a dedicated security research group who invest the same amount of time and effort into breaking a product as you would expect from a state-sponsored APT.
Unlike an APT team, however, we’re not only invested in finding bugs but also making sure they are fixed correctly and don’t happen again. We don’t just need people who can find CVSS 10s, we need people who can use their skills and share their expertise to effect meaningful change across the company.
A successful candidate must have genuine excitement for and interest in security, as well as the desire to share knowledge and help others learn. Your work will benefit thousands of Oracle engineers worldwide and shape the future of product security within one of the largest software companies in the world.
Role’s core responsibilities:
- Scope and execute security assessments across a broad range of on-premise and cloud services; develop proof-of-concept code or end-to-end exploits for bugs you’ve identified.
- Create testing tools to help engineering teams identify weaknesses in their own code.
- Collaborate with engineering teams to help them triage and fix security issues, identifying systemic security weaknesses to create secure coding guidance that will educate all engineering teams within Oracle.
- Produce documentation, presentations and supporting material to deliver your findings to senior figures within the development organisation and your own management chain.
Target profile and skillset:
- 5+ years industry experience in a software/product assessment or penetration testing role.
- Proficiency reviewing code written in a variety of programming languages, including at least one of C, C++, Java or JavaScript.
- Extensive experience of vulnerability research and exploit development on Linux or Windows.
- Experience using common software security assessment tools in the following categories:
- Reverse Engineering (e.g. IDA Pro/Ghidra/Radare2)
- Network protocol analysis (e.g. Wireshark/tcpdump)
- Debugging (e.g. gdb, WinDbg, Intel Pin)
- Static code analysis (e.g. Fortify SCA, Coverity, SonarQube)
- Fuzzers and instrumentation (e.g. Jazzer /AFL/Boofuzz/AddressSanitizer)
- Web Application assessment (e.g. BurpSuite )
- Experience of creating new tools and scripts for novel assessment targets and vulnerability classes
- Experience with threat modelling and architecture analysis of complex applications.
- Extensive knowledge of common vulnerabilities in different types of software and programming languages, including:
- How to test for and exploit them
- Real world mitigations that can be applied
- Familiarity with vulnerability classification frameworks (e.g. OWASP Top 10)
Desirable Skills/Qualifications
- Bachelor’s or Master’s degree in Computer Science or related field (e.g. Electrical Engineering)
- Experience working in a large cloud or Internet software company
Required Soft Skills
- Aptitude for self-study, setting and achieving long term goals (for example, learning an unfamiliar programming language)
- Ability to effectively assess and communicate risks and appropriate levels of urgency to management and engineering staff
- Excellent organizational, presentation, verbal and written communication skills
