Oracle
Job Description
As a Threat Intelligence Investigator, you will be responsible for tracking the activities of threat actors. This includes independently tracking numerous groups and leading operational activities during relevant situations. You will be expected to handle large and complex datasets and develop new solutions to enhance your tracking and analysis capabilities. You will also have a passion for cybersecurity, with a strong interest in researching and investigating current threat trends, emerging threats, and actors. This role requires the ability to produce intelligence products and adapt to an organic and fast‑paced environment.
Key Responsibilities
Lead investigations through in‑depth analysis and collection efforts of suspected adversary campaigns across the OCI environment to deliver timely, actionable intelligence and create effective remediation strategies within the OCI environment.
Provide detailed attribution analysis to identify threat actors and inform proactive defense strategies.
Manage cross‑company and executive communications, explaining intricate technical matters to non‑technical audiences.
Facilitate post‑incident reviews to extract lessons learned, document new threat intelligence, and drive resolution actions with impacted teams.
Stay up to date on emerging threats, vulnerabilities, security technologies, and global geopolitical issues to assess their potential impact and proactively enhance Oracle’s defenses.
Manage and maintain threat intelligence platforms (TIPs) and other cyber threat intelligence (CTI) related tools to enrich data and streamline workflows.
Collaborate with partner Cloud security teams during all phases of the incident response lifecycle to integrate intelligence findings into resolution and mitigation plans.
Cultivate strategic relationships with key members of the Threat Intelligence community to expand access to information and strengthen trust networks.
Develop and refine intelligence processes to ensure the timely and accurate delivery of strategic, operational, and tactical intelligence.
Elevate analytic quality and reporting standards by providing critical peer review and strategic feedback to fellow investigators.
Manage and execute a high volume of time‑sensitive intelligence requests from internal and external customers by prioritizing, categorizing, and delivering timely and accurate information.
Deliver finished intelligence analysis and assessments to internal and external customers through written reports, demonstrating expertise and enabling informed decision‑making.
Preferred Qualifications
6‑10+ years of industry experience in analytical and operational threat intelligence to perform case management and response against advanced persistent threats (APTs).
Investigative experience tracking distinct APT groups providing intelligence on their methodologies.
Expertise in one or more of the following areas: national security, defense, intelligence, law enforcement, or foreign area and language expertise relevant to threat analysis.
Knowledge of cloud services such as storage, computing, networking.
In‑depth knowledge of multiple operating systems, including Windows, UNIX/Linux, and macOS, and familiarity with associated threat landscapes.
Skilled in conducting open‑source intelligence (OSINT) research across a wide range of topics.
Strong verbal, written, and interpersonal communication skills, with demonstrated ability to convey complex technical information to diverse, non‑technical stakeholders.
Prior experience in Incident Response, Security Operations Center (SOC), and/or Digital Forensics Analysis.
Experience with malware analysis is highly desirable.
Strong understanding of common attack types, vectors, and corresponding mitigations.
Proficient in using structured queries to extract data from logs and in developing detection signatures (e.g., YARA, Snort, Suricata, Bro/Zeek).
Bachelor or Master of Science degree in Computer Science, Computer Engineering, Information Systems, Cybersecurity, or equivalent practical experience.
Previous experience working on a global or geographically distributed security team is a plus.
Active TS/SCI security clearance.
Qualifications
These qualifications may include, but are not limited to, a mix of the preferred qualifications above along with any additional skills Oracle finds necessary for the role.
EEO Statement Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans’ status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law.
#J-18808-Ljbffr
Key Responsibilities
Lead investigations through in‑depth analysis and collection efforts of suspected adversary campaigns across the OCI environment to deliver timely, actionable intelligence and create effective remediation strategies within the OCI environment.
Provide detailed attribution analysis to identify threat actors and inform proactive defense strategies.
Manage cross‑company and executive communications, explaining intricate technical matters to non‑technical audiences.
Facilitate post‑incident reviews to extract lessons learned, document new threat intelligence, and drive resolution actions with impacted teams.
Stay up to date on emerging threats, vulnerabilities, security technologies, and global geopolitical issues to assess their potential impact and proactively enhance Oracle’s defenses.
Manage and maintain threat intelligence platforms (TIPs) and other cyber threat intelligence (CTI) related tools to enrich data and streamline workflows.
Collaborate with partner Cloud security teams during all phases of the incident response lifecycle to integrate intelligence findings into resolution and mitigation plans.
Cultivate strategic relationships with key members of the Threat Intelligence community to expand access to information and strengthen trust networks.
Develop and refine intelligence processes to ensure the timely and accurate delivery of strategic, operational, and tactical intelligence.
Elevate analytic quality and reporting standards by providing critical peer review and strategic feedback to fellow investigators.
Manage and execute a high volume of time‑sensitive intelligence requests from internal and external customers by prioritizing, categorizing, and delivering timely and accurate information.
Deliver finished intelligence analysis and assessments to internal and external customers through written reports, demonstrating expertise and enabling informed decision‑making.
Preferred Qualifications
6‑10+ years of industry experience in analytical and operational threat intelligence to perform case management and response against advanced persistent threats (APTs).
Investigative experience tracking distinct APT groups providing intelligence on their methodologies.
Expertise in one or more of the following areas: national security, defense, intelligence, law enforcement, or foreign area and language expertise relevant to threat analysis.
Knowledge of cloud services such as storage, computing, networking.
In‑depth knowledge of multiple operating systems, including Windows, UNIX/Linux, and macOS, and familiarity with associated threat landscapes.
Skilled in conducting open‑source intelligence (OSINT) research across a wide range of topics.
Strong verbal, written, and interpersonal communication skills, with demonstrated ability to convey complex technical information to diverse, non‑technical stakeholders.
Prior experience in Incident Response, Security Operations Center (SOC), and/or Digital Forensics Analysis.
Experience with malware analysis is highly desirable.
Strong understanding of common attack types, vectors, and corresponding mitigations.
Proficient in using structured queries to extract data from logs and in developing detection signatures (e.g., YARA, Snort, Suricata, Bro/Zeek).
Bachelor or Master of Science degree in Computer Science, Computer Engineering, Information Systems, Cybersecurity, or equivalent practical experience.
Previous experience working on a global or geographically distributed security team is a plus.
Active TS/SCI security clearance.
Qualifications
These qualifications may include, but are not limited to, a mix of the preferred qualifications above along with any additional skills Oracle finds necessary for the role.
EEO Statement Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans’ status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law.
#J-18808-Ljbffr