Job
Description
We are seeking a passionate and proactive Security Expert to serve as the Security Lead for OCI Data Integration and Intelligent Datalake teams. We are seeking a passionate and proactive Security Expert to serve as the Security Lead for OCI Data Integration and Intelligent Datalake teams, playing a pivotal role in integrating security seamlessly across product management, development, and compliance functions. This individual will be the bridge between development, security, and compliance teams ensuring smooth alignment with security architecture standards and fostering a strong, proactive security culture across the organization. Key Responsibilities: Conduct baseline security checks, ensuring alignment with enterprise security architecture standards. Work to improve security processes, tools, and automation. Conducting vulnerability assessments, penetration tests, and security audits to identify weaknesses in applications, infrastructure, and services. Oversee exception management processes, including identifying, assessing, and documenting risk exceptions. Analyze and triage monthly security tickets including Fortify findings, third-party assessments, malware scans, and more. Contribute to PCI DSS compliance efforts, ensuring controls are in place and audit ready. Play a key role during security incidents or crises by coordinating response and communication. Work closely with developers to remediate security issues including vulnerability fixes, version updates, OS hardening, and secure coding guidance accelerating product security compliance and 3P readiness. Perform regular Security Design reviews and operational monitoring in collaboration with relevant component teams. Represent the organization in audit programs, ensuring accurate and timely evidence collection, documentation, and stakeholder engagement. Qualifications: Bachelor s degree in computer science or a related field. 10+ years of experience in application/product security, risk management, or related roles. Experience in both offensive and defensive security, particularly in web application security, cloud security, and threat modeling. Solid understanding of secure software development lifecycle (SSDLC), common vulnerabilities, and remediation strategies. Experience with tools such as Fortify, SAST/DAST scanners, malware scanners, and ticketing platforms. Knowledge of industry frameworks. Strong collaboration and communication skills; able to work effectively across engineering, compliance, and security teams. Security certifications (e.g., CISSP, CISM). Familiarity with audit and compliance program management.
