Consulting Hardware Security Engineer Job at Oracle in Nashville

Overview

Job Description: Security Engineer (Safety) for Oracle Cloud Infrastructure (OCI) Security Architecture. The OCI Hardware Security group conducts security assessments of production hardware, defines requirements for future hardware components, and works across Oracle and third-party vendors to influence hardware platform security. The team focuses on improving Oracle Cloud's operational security posture through supply chain and operational requirements for devices in data centers.
Career Level - IC5.

Responsibilities

• Develop and communicate requirements for new vendors and hardware (compute, storage, networking).
• Perform architectural reviews, penetration testing, and vulnerability analysis of compute infrastructure hardware (Servers: Intel, AMD, ARM; Baseboard Management Controllers like Oracle’s ILOM; UEFI and platform firmware; Smart NICs; Storage devices; Network controllers and other peripherals).
• Provide consulting on security risk associated with compute hardware and firmware in the context of cloud usage.
• Provide consulting and review of device sanitization as per NIST-800-88 R1 standards.
• Provide standard operating procedures for safe use of compute hardware through its lifecycle (provisioning, operations, reuse/decommission).
• Engage with Oracle Hardware Division and third-party vendors to understand roadmaps and drive multi-year security improvements across the OCI Infrastructure.
• Review or assess engineering changes or revisions (e.g., new firmware, vendor revisions) and participate in external standards groups to drive industry improvements.
• Consult development teams and third-party vendors in secure system design and architecture.
• Champion and consult on secure development lifecycle practices.
• Communicate and educate Senior Management on key security topics and directions.

Qualifications

• Experience with security assessments of hardware components and firmware in cloud environments.
• Ability to perform vulnerability analysis, threat modeling, penetration testing related to compute hardware and firmware.
• Knowledge of hardware upgrade cycles, vendor roadmaps, and integration with cloud platforms.
• Familiarity with NIST-800-88 R1 device sanitization standards.
• Strong communication skills for influencing stakeholders and senior management.

Skills

• Engage with Oracle Hardware Division and third-party vendors to understand roadmaps.
• Create planning roadmaps to drive multi-year security improvements across OCI Infrastructure.
• Review or assess engineering changes or revisions of an existing component (e.g., firmware updates).
• Identify and participate in external standards groups to drive industry improvements.
• Consult development teams and third-party vendors in secure system design and architecture.
• Champion secure development lifecycle practices.
• Educate Senior Management on key security topics and directions.

Benefits

• Medical, dental, and vision insurance; disability and life insurance options.
• Flexible Spending Accounts and commuter benefits.
• 401(k) with company match; paid time off and holidays; parental leave; adoption assistance.
• Employee Stock Purchase Plan; voluntary benefits including auto, home, and pet insurance.

About Us

As a world leader in cloud solutions, Oracle uses tomorrow’s technology to tackle today’s challenges. We’re committed to an inclusive workforce and supporting our people with flexible benefits and volunteer programs. Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veterans’ status, or any other characteristic protected by law.

Job Details

• Seniority level: Mid-Senior level
• Employment type: Full-time
• Job function: Information Technology
• Industries: IT Services and IT Consulting

Location: Nashville, TN