Responsible for the planning, design and build of security architectures; oversees the implementation of network and computer security and ensures compliance with corporate security policies and procedures.
Responsible for basic planning, design and build of security systems, applications, environments and architectures; oversees the implementation of security systems, applications, environments and architectures and ensures compliance with information security standards and corporate security policies and procedures.Assist in development of incident response capabilities, training, and tool validation.May research, evaluate, track, and manage information security threats and vulnerabilities in situations where analysis of well-understood information is required and where computer programming/scripting knowledge is required.May participate in an incident management team, responding to security events in line with Oracle incident response playbooks. Investigates purported intrusions and breaches, and oversees root cause analysis. Coordinates incidents with other business units and may assist the Incident Commander during serious incidents. Participates in developing new methods, and playbooks, as well as basic scripts, applications, and tools. Research industry trends and constantly assess current controls and threat posture of new and existing products and services.Recommend and implement new security controls across Oracleâ€s line of business (LOB).Improve current processes and workflows to minimize manual efforts.
Minimum of 5 years related experience in an information security role, supporting security programs and security engineering/architecture in complex enterprise environments. Hands on experience with enterprise security architecture, engineering and implementation required.Knowledge of compliance program security controls, like ISO 27001, SOC 2, HITRUST, and FedRAMP, as applied to cloud SaaS, PaaS and IaaS operations.Familiarity with SDLC principles and scripting & programming languages (such as Terraform, Python, Ruby, .Preferred but not required qualifications include:Bachelor-level university degree in a relevant field from an accredited university, or equivalent. Experience in developing secure, scalable cloud architectures and distributed systems.Experience with high-level software design and development and the design, use, and deployment of automation and orchestration frameworks.Demonstrable scripting or programming experience.
GENERAL DESCRIPTION AND POSITION GOAL
Senior Forensic Specialist reports to the Director of Digital Forensics Management or another manager as assigned. The incumbent assists in performing forensic collection and analysis activities throughout Oracle, and personally manages highly confidential and sensitive information about legal matters, security events, and investigations. In addition, the incumbent may provide technical advice and guidance to attorneys, human resources staff, physical security personnel, security incident response teams, or other stakeholders within Oracle.
RESPONSIBILITIES/ TASKS
1. Maintain inventory, operability, and accountability of assigned company assets
2. Assist in testing assigned forensic tools and applications
3. Perform forensic imaging of computer and mobile systems and other data collections
4. Identify strengths, suggest workflow improvements, and gaps in capabilities of tools and applications
5. Work with internal stakeholders to ensure collection requests are performed in a forensically sound and timely manner
6. Document and follow Chain of Custody procedures to ensure quality and defensibility of forensic collections
7. Review documentation and procedures to help identify areas for thoroughness or improvement
8. Assist in forensic analysis of data for investigative purposes
9. Engage with other lines of business contacts within Oracle to expand capabilities for collections by establishing trusted and trained employees to serve as virtual team members
10. Professionally communicate with other employees and internal customers as needed for data or physical acquisitions
11. Ability to communicate effectively, timely, and appropriately while collaborating with a global team
12. Perform other duties as assigned
QUALIFICATIONS
Required qualifications
13. University degree from an accredited college or university, or equivalent certifications
14. 3 years of experience in information security, law enforcement or other related field, and of which at least 1 year is directly related to digital forensics
15. Strong technical experience, including multiple operating systems and networking
16. Knowledge of industry digital forensics standards and processes.
17. Good organizational skills and detail-orientation essential
18. Experience with disk encryption solutions including Microsoft Bitlocker, LUKS, TrueCrypt, VeraCrypt, McAfee or Symantec Disk Encryption
19. Good presentation, written and verbal communication skills
20. Self-starter: doesn’t need to be micro-managed
21. Problem solving skills and a good understanding of the scientific process
22. Excellent team player and collaborator
23. Ability to document technical procedures in a user-friendly way
24. Ability to transfer technical knowledge and cross-train others
25. Knowledge of forensic imaging and analysis of workstations, servers, cloud compute resources, and mobile devices
26. Direct experience with and including training and certification in at least one of the following: BlackLight and MacQuisitionMagnet Forensics AxiomOpenText/Guidance EnCaseCellebrite ToolsOxygen DetectiveFTK / AccessData EnterprisePaladin
27. Ability to Travel Internationally approximately 25%
28. Approximately 25% office / 75% work-from-home
Responsible for the planning, design and build of security architectures; oversees the implementation of network and computer security and ensures compliance with corporate security policies and procedures.
Responsible for basic planning, design and build of security systems, applications, environments and architectures; oversees the implementation of security systems, applications, environments and architectures and ensures compliance with information security standards and corporate security policies and procedures.
Assist in development of incident response capabilities, training, and tool validation.
May research, evaluate, track, and manage information security threats and vulnerabilities in situations where analysis of well-understood information is required and where computer programming/scripting knowledge is required.
May participate in an incident management team, responding to security events in line with Oracle incident response playbooks. Investigates purported intrusions and breaches, and oversees root cause analysis. Coordinates incidents with other business units and may assist the Incident Commander during serious incidents. Participates in developing new methods, and playbooks, as well as basic scripts, applications, and tools.
Research industry trends and constantly assess current controls and threat posture of new and existing products and services.
Recommend and implement new security controls across Oracle’s line of business (LOB).
Improve current processes and workflows to minimize manual efforts.
Minimum of 5 years related experience in an information security role, supporting security programs and security engineering/architecture in complex enterprise environments. Hands on experience with enterprise security architecture, engineering and implementation required.
Knowledge of compliance program security controls, like ISO 27001, SOC 2, HITRUST, and FedRAMP, as applied to cloud SaaS, PaaS and IaaS operations.
Familiarity with SDLC principles and scripting & programming languages (such as Terraform, Python, Ruby, .
Preferred but not required qualifications include:
Bachelor-level university degree in a relevant field from an accredited university, or equivalent.
Experience in developing secure, scalable cloud architectures and distributed systems.
Experience with high-level software design and development and the design, use, and deployment of automation and orchestration frameworks.
Demonstrable scripting or programming experience.