Why NetSuite?                                       

To start, you’ll be surrounded by smart, innovative, caring people — invested in our customers and the community. If you’re looking to share your unique perspective and ideas at a collaborative table and help equip all kinds of businesses achieve their visions, check us out.

 

Summary:

We're looking for great talent to help guide and execute our software security vision. As a Manager of a Software Development team you will lead an engineering team to identify and solve systemic problems and remediate vulnerabilities, establish best practices for our security program, and promote good security practices throughout NetSuite. The ideal candidate loves both building and breaking software. This is a job where details matter, and there are a lot of details, including all of web security, mobile security, cloud security and software security. You must be able to tell the difference between a big problem, a minor weakness, and a false positive. You must help developers understand security concepts and security practices. You need to be friendly but uncompromising when it comes to getting security right.

 

Responsibilities:

• Establish and track day to day work assignments for a security engineering team.
• Collaborate with application security management on program direction, team growth, and on addressing systemic security issues
• Identify areas where our programs can be improved (especially through automation), and where possible implement those improvements
• Identify, reproduce, and report security issues
• Collaborate with software engineers to make our software better
• Conduct internal security reviews
• Collaborate with internal compliance personnel to identify and understand vulnerabilities related to compliance obligations
• Mentor junior application security personnel

 

Minimum Qualifications:

• B.S. in Computer Science, Computer Engineering, or related field
• 8+ years in the field of software development and/or application security
• Expertise with testing tools (Burp, Fortify, etc.)
• Strong ethics and understanding of ethics in information security
• Capable of working independently
• Ability to efficiently manage multiple tasks
• Excellent communication skills in English
• Programming experience (bash, perl, zsh, Python, Java, C/C++). We're primarily a Java shop, but we work with multiple programming languages daily.

Bonus

• Experience working in an Agile development environment.
• Familiarity with common compliance standards.
• Recognized industry certification and/or continuing education programs are a major plus.

 

Manage a team that is responsible for the information security function, including but not limited to information technology security controls and architecture, information privacy, incident response/investigations and digital forensics, disaster recovery and business continuity, regulatory compliance, communication and training for information security initiatives.

Manages a team maintaining and/or implementing information security policies and procedures. Manages the development, deployment and execution of controls and defenses to ensure the security and risk mitigation of company infrastructure technology and information systems. Identifies security architecture, goals, objectives and metrics; analyzes business needs and priorities for protection of critical systems. Manage security programs and assurance, e.g. threat and vulnerabilities management, incident response management, management of forensic investigations. Evaluates potential business impacts from security breaches and provides guidance to business decision-makers. Develops and executes security systems compliance policies and procedures. Selects, develops and evaluates personnel to ensure the efficient operation of the function.

Minimum 7 years experience in the Information Security field required. Preferred but not required qualifications include: Bachelor-level university degree in a relevant field from an accredited university, or equivalent. 3 or more years of successful management experience including 1 or more years as a first level manager.

As part of Oracle's employment process candidates will be required to successfully complete a pre-employment screening process. This will involve identity and employment verification, professional references, education verification and professional qualifications and memberships (if applicable).