Senior Application Security Engineer Role
As a Senior Application Security Engineer, you will lead incident investigations, coordinate teams, and ensure swift remediation of security incidents. You will also participate in threat hunts, purple team exercises, and implement signature-based detections to secure web applications.
Main Responsibilities
1. Lead incident investigations, coordinating with different teams and ensuring a steady pace for remediation.
2. Find new detections and strengthen existing ones through threat hunts.
3. Participate in and lead purple team exercises to enhance detection and response capabilities.
4. Determine the best remediation strategy for active security incidents in collaboration with Development and Security teams.
5. Implement signature-based detections and mitigations within WAF and RASP solutions.
6. Build and manage tools/automation to improve current workflows.
7. Provide support to NetSuite's SOC with Application Security expertise.
8. Improve Incident Detection/Response mechanisms and streamline internal processes.
9. Cross-train and learn within and across focus groups.
10. Conduct proactive research on the latest attacks and translate into actionable input for detection and response mechanisms.
Career Level - IC3
Qualifications and Skills
1. 4+ years in Software Development, Security Engineering, or Incident Response.
2. Experience using Logging tools like OpenSearch or Elastic.
3. Knowledge on operating/implementing a WAF.
4. Application security and/or Software Development expertise.
5. Incident Response expertise or desire to learn.
6. Strong ethics and understanding of information security ethics.
7. Ability to work independently while supporting a team environment.
8. Effective task management.
9. Strong communication skills in English for both technical and executive audiences.
Nice to Have
1. Programming experience with one or more programming languages.
2. B.S. in Computer Science, Computer Engineering, or related field or commensurate experience.
3. Project coordination/project management skills.
4. Capability to design, improve, and implement complex workflows.
5. Familiarity with application security projects, tools, and safer software development.
6. Recognized industry certification and/or continuing education programs are a plus.
7. Experience or familiarity with AppSec activities: threat modeling, pen-testing, bug bounty, code reviews, CTF.
8. Contributions to open-source projects.
About Oracle NetSuite
We value diversity and inclusion at Oracle NetSuite, creating an environment where everyone can be themselves and do their best work. An Oracle NetSuite career offers opportunities to tackle new roles, challenges, and blend work and life.