Principal Application Security Consultant

Why Oracle-NetSuite?    

To start, you’ll be surrounded by smart, innovative, caring people — invested in our customers and the community. If you’re looking to share your unique perspective and ideas at a collaborative table and help equip all kinds of businesses achieve their visions, check us out.



We're looking for great talent with the mission of guiding and evangelizing security for a cloud software company.  As a Principal application security consultant you will focus on identifying and solving systemic problems, collaborating with our engineering teams, establishing best practices for our security program, and promoting good security practices throughout NetSuite. The ideal candidate loves both building and breaking software. This is a job where details matter, and there are a lot of details, including all of web security, mobile security, cloud security and software security. You must be able to tell the difference between a big problem, a minor weakness, and a false positive. You must help developers understand security concepts and practices. 



• Collaborate with application security management on program direction, team growth, and on addressing systemic security issues

• Identify areas where our programs can be improved (especially through automation), and where possible implement those improvements

• Identify, reproduce, and report security issues

• Collaborate with software engineers to make our software better

• Conduct internal security reviews

• Collaborate with internal compliance personnel to identify and understand vulnerabilities related to compliance obligations



Minimum Qualifications:

• B.S. in Computer Science, Computer Engineering, or related field

• 4+ years in the field of software development and/or application security

• Strong ethics and understanding of ethics in information security

• Knowledge of ISO-27001, BSIMM, OpenSAMM, Common Criteria, CLASP or other security frameworks.

• Programming experience (bash, perl, zsh, Python, Java, C/C++). We're primarily a Java shop, but we work with multiple programming languages daily.

• Experience working in an Agile development environment.

• Capable of working independently

• Ability to efficiently manage multiple tasks

• Excellent communication skills in English

• Experience speaking at security conferences or clubs are a plus

• Recognized industry certification and/or continuing education programs are a major plus.


Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans status or any other characteristic protected by law.