The Oracle Threat Intelligence Center (OTIC) is responsible for the tracking and monitoring of a range of threat actors from cybercrime to Advanced Persistent Threat (APT) groups impacting OCI and its customers. The scope and responsibility of this team includes attack analysis, tracking threat actor's indicators of compromise (IOCs) and their tactics, techniques, and procedures (TTPs), aiding in security incident response, executive communication, technical writing, and customer outreach.
As a Threat Intelligence Investigator, you will be responsible for tracking the activities of threat actors. This includes independently tracking numerous groups and leading operational activities during relevant situations. You will be expected to handle large and complex datasets and develop new solutions to enhance your tracking and analysis capabilities. You will also have a passion for cybersecurity, with a strong interest in researching and investigating current threat trends, emerging threats, and actors. This role requires the ability to produce intelligence products and adapt to an organic and fast-paced environment.
Key Responsibilities
Lead investigations through in depth analysis and collection efforts of suspected adversary campaigns across the OCI environment to deliver timely, actionable intelligence and create effective remediation strategies within the OCI environment.
Provide detailed attribution analysis to identify threat actors and inform proactive defense strategies
Manage cross-company and executive communications, explaining intricate technical matters to non-technical audiences.
Facilitate post-incident reviews to extract lessons learned, document new threat intelligence, and drive resolution actions with impacted teams.
Stay up to date on emerging threats, vulnerabilities, security technologies, and global geopolitical issues to assess their potential impact and proactively enhance Oracle’s defenses.
Manage and maintain threat intelligence platforms (TIPs) and other cyber threat intelligence (CTI) related tools to enrich data and streamline workflows.
Collaborate with partner Cloud security teams during all phases of the incident response lifecycle to integrate intelligence findings into resolution and mitigation plans.
Cultivate strategic relationships with key members of the Threat Intelligence community to expand access to information and strengthen trust networks.
Develop and refine intelligence processes to ensure the timely and accurate delivery of strategic, operational, and tactical intelligence.
Elevate analytic quality and reporting standards by providing critical peer review and strategic feedback to fellow investigators.
Manage and execute a high volume of time-sensitive intelligence requests from internal and external customers by prioritizing, categorizing, and delivering timely and accurate information.
Deliver finished intelligence analysis and assessments to internal and external customers through written reports, demonstrating expertise and enabling informed decision-making.
Preferred Qualifications
6-10+ years of industry experience in analytical and operational threat intelligence to perform case management and response against advanced persistent threats (APTs).
Investigative experience tracking distinct APT groups providing intelligence on their methodologies.
Expertise in one or more of the following areas: national security, defense, intelligence, law enforcement, or foreign area and language expertise relevant to threat analysis
Knowledge of cloud services such as storage, computing, networking
In-depth knowledge of multiple operating systems, including Windows, UNIX/Linux, and macOS, and familiarity with associated threat landscapes.
Skilled in conducting open-source intelligence (OSINT) research across a wide range of topics.
Strong verbal, written, and interpersonal communication skills, with demonstrated ability to convey complex technical information to diverse, non-technical stakeholders.
Prior experience in Incident Response, Security Operations Center (SOC), and/or Digital Forensics Analysis.
Experience with malware analysis is highly desirable.
Strong understanding of common attack types, vectors, and corresponding mitigations.
Proficient in using structured queries to extract data from logs and in developing detection signatures (e.g., YARA, Snort, Suricata, Bro/Zeek).
Bachelor or Master of Science degree in Computer Science, Computer Engineering, Information Systems, Cybersecurity, or equivalent practical experience.
Previous experience working on a global or geographically distributed security team is a plus.
Active TS/SCI security clearance
Disclaimer:
Certain U.S. based or U.S. customer or client-facing roles may be required to comply with applicable requirements, such as immunization/occupational health mandates, and/or drug testing requirements.
Range and benefit information provided in this posting are specific to the stated locations only
US: Hiring Range in USD from: $104,200 to $234,600 per annum. May be eligible for bonus, equity, and compensation deferral.
Oracle maintains broad salary ranges for its roles in order to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect Oracle's differing products, industries and lines of business.
Candidates are typically placed into the range based on the preceding factors as well as internal peer equity.
Oracle US offers a comprehensive benefits package which includes the following:
1. Medical, dental, and vision insurance, including expert medical opinion
2. Short term disability and long term disability
3. Life insurance and AD&D
4. Supplemental life insurance (Employee/Spouse/Child)
5. Health care and dependent care Flexible Spending Accounts
6. Pre-tax commuter and parking benefits
7. 401(k) Savings and Investment Plan with company match
8. Paid time off: Flexible Vacation is provided to all eligible employees assigned to a salaried (non-overtime eligible) position. Accrued Vacation is provided to all other employees eligible for vacation benefits. For employees working at least 35 hours per week, the vacation accrual rate is 13 days annually for the first three years of employment and 18 days annually for subsequent years of employment. Vacation accrual is prorated for employees working between 20 and 34 hours per week. Employees working fewer than 20 hours per week are not eligible for vacation.
9. 11 paid holidays
10. Paid sick leave: 72 hours of paid sick leave upon date of hire. Refreshes each calendar year. Unused balance will carry over each year up to a maximum cap of 112 hours.
11. Paid parental leave
12. Adoption assistance
13. Employee Stock Purchase Plan
14. Financial planning and group legal
15. Voluntary benefits including auto, homeowner and pet insurance
The role will generally accept applications for at least three calendar days from the posting date or as long as the job remains posted.
Career Level - IC4
Only Oracle brings together the data, infrastructure, applications, and expertise to power everything from industry innovations to life-saving care. And with AI embedded across our products and services, we help customers turn that promise into a better future for all. Discover your potential at a company leading the way in AI and cloud solutions that impact billions of lives.
True innovation starts when everyone is empowered to contribute. That’s why we’re committed to growing a workforce that promotes opportunities for all with competitive benefits that support our people with flexible medical, life insurance, and retirement options. We also encourage employees to give back to their communities through our volunteer programs.
We’re committed to including people with disabilities at all stages of the employment process. If you require accessibility assistance or accommodation for a disability at any point, let us know by emailing accommodation-request_mb@oracle.com or by calling 1-888-404-2494 in the United States.
Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans’ status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law.
We’re a cloud technology company that provides organizations around the world with computing infrastructure and software to help them innovate, unlock efficiencies and become more effective. We also created the world’s first – and only – autonomous database to help organize and secure our customers’ data.
Oracle Cloud Infrastructure offers higher performance, security, and cost savings. It is designed so businesses can move workloads easily from on-premises systems to the cloud, and between cloud and on-premises and other clouds. Oracle Cloud applications provide business leaders with modern applications that help them innovate, attain sustainable growth, and become more resilient.
The work we do is not only transforming the world of business--it's helping defend governments, and advance scientific and medical research. From nonprofits to companies of all sizes, millions of people use our tools to streamline supply chains, make HR more human, quickly pivot to a new financial plan, and connect data and people around the world.
At work, we embrace diversity, encourage personal and professional growth, and celebrate a global team of passionate people developing innovative technologies that help people and companies tackle real-world problems head-on.
If you’d like to join us, please visit our Careers page: https://www.oracle.com/corporate/careers/
For investor news, SEC filings, and financial information about Oracle (NYSE:ORCL), please visit https://investor.oracle.com/home/.
Follow us on X: x.com/oracle
Like our page on Facebook: facebook.com/Oracle/
Follow us on Instagram: instagram.com/oracle/
