As a Senior Application Security Engineer with a focus on Incident Investigation, you will be part of the Product Security team and work closely with NetSuite’s SOC. You will be the Application Security expert in incident investigations, deep diving through logs and code to provide the best context to Incident Responders and the best remediation path to product teams. Your contributions will be key to securing multiple cloud services and promoting good security practices throughout Oracle.

 

What You'll Do

Lead incident investigations, coordinating different teams and making sure there’s a steady pace to the remediation of the events. Find new and strengthen existing detections by participating in and leading threat hunts. Participate in and lead purple team exercises on various applications to strengthen our detection and response capabilities Determine the best strategy to remediate active security incidents in collaboration with Development and Security teams. Implement signature-based detections and mitigations within WAF and RASP solutions to secure our web applications. Build and manage tools/automation to improve our current workflows. Provide support to NetSuite’s SOC with Application Security specific knowledge. Improve NetSuite’s Incident Detection/Response mechanisms and streamline our internal processes. Cross-train and learn within and across focus groups. Perform proactive research to keep-up with the latest attacks and TTPs, and translate this into actionable input for our detection and response mechanisms. Collaborate with Application Security management on program direction, team growth, and addressing systemic security issues.

 

Career Level - IC3