Principal Security Analyst, Threat And Vulnerability Management

Senior Security Analyst For Oracle Threat And Vulnerability Management

We are looking for a senior Security Analyst for Oracle Threat and Vulnerability Management. This role is ideal for a technically strong security professional with a passion for data-driven risk management. You will leverage analytical platforms to collect, analyze, and correlate security signals, uncovering actionable insights to better identify, prioritize, and mitigate emerging threats and vulnerabilities across the enterprise. Our ideal candidate is an inquisitive and curious analyst who combines deep technical knowledge with advanced data analysis skills. You are passionate about using data to drive smarter, faster decisions in threat detection, vulnerability management, and risk assessment. You're comfortable navigating large, complex data sets and translating technical findings into actionable business recommendations.

Responsibilities:

• Collect, normalize, and analyze diverse security signals from endpoints, infrastructure, applications, and external intelligence sources to assess potential risks.
• Lead and perform security risk assessments across critical systems, applications, and processes using data-driven methodologies.
• Use advanced analytics tools such as Jupyter and Spark to sift through large datasets, uncover patterns, and quantify risk profiles and threat trends.
• Translate analytical outcomes into prioritized, actionable mitigation strategies, collaborating with engineering and operations teams to ensure timely remediation.
• Help drive enhancements to the vulnerability management lifecycle, including detection, validation, risk scoring, and reporting.
• Develop visualizations and reports to effectively communicate findings, risks, and recommendations to technical and executive stakeholders.
• Identify opportunities to automate repetitive tasks related to data collection, analysis, and reporting; partner with development/engineering for tool integration.
• Work cross-functionally with threat intelligence, incident response, and risk management teams to ensure alignment and comprehensive coverage.

Qualifications:

• 8+ years of professional experience in security operations, threat/vulnerability management, or a similar cybersecurity discipline.
• Strong hands-on experience with analytical and scripting tools such as Python, Jupyter Notebooks, and Apache Spark.
• Proven ability to process and analyze large-scale security data sets to drive actionable threat/risk insights.
• Deep knowledge of vulnerability assessment tools, threat modeling, risk scoring methodologies, and common attack techniques.
• Familiarity with enterprise networking, system administration, and major OS security concepts (Windows, Linux, cloud platforms).
• Excellent written and verbal communication skills; able to clearly articulate complex technical issues to technical and non-technical audiences.

Preferred Qualifications:

• Hands-on experience developing or securing services on a public cloud platform (e.g., AWS, Azure, GCP, OCI).
• Industry certifications such as CISSP, OSCP, GIAC, or equivalents.
• Proven ability to drive culture and behavioral change within engineering organizations.
• Ability to effectively communicate and influence secure product and network design in a collaborative environment.
• Experience with security operations and security alert triage processes.
• Knowledge of compliance program security controls, like ISO/IEC 27001, SOC 2, PCI-DSS, HITRUST, FedRAMP, and UK Cyber Essentials.
• Knowledge of risk assessment frameworks, like ISO/IEC 27005, ISO 31000, FAIR, and NIST 800-30.
• Knowledge of incident response frameworks and methodologies, including frameworks like NIST 800-61 and MITRE ATT&CK.
• Experience building continuous integration/deployment pipelines with robust testing and deployment schedules.
• Experience and understanding of cryptographic algorithms, standards, implementation and application.
• Experience and understanding of threat modeling, penetration testing, reverse engineering and attacks on software.
• Experience working in large, complex global enterprise environments.

We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform crucial job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation. Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability, and protected veterans' status or any other characteristic protected by law. Oracle maintains broad salary ranges for its roles in order to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect Oracle's differing products, industries and lines of business. Candidates are typically placed into the range based on the preceding factors as well as internal peer equity. Oracle US offers a comprehensive benefits package which includes the following: medical, dental, and vision insurance, including expert medical opinion, short term disability and long term disability, life insurance and AD&D, supplemental life insurance (Employee/Spouse/Child), health care and dependent care Flexible Spending Accounts, pre-tax commuter and parking benefits, 401(k) Savings and Investment Plan with company match, paid time off, 11 paid holidays, paid sick leave, paid parental leave, adoption assistance, Employee Stock Purchase Plan, financial planning and group legal, and voluntary benefits including auto, homeowner and pet insurance.

The role will generally accept applications for at least three calendar days from the posting date or as long as the job remains posted. Career Level - IC4

About Us: As a world leader in cloud solutions, Oracle uses tomorrow's technology to tackle today's challenges. We've partnered with industry-leaders in almost every sector—and continue to thrive after 40+ years of change by operating with integrity. We know that true innovation starts when everyone is empowered to contribute. That's why we're committed to growing an inclusive workforce that promotes opportunities for all. Oracle careers open the door to global opportunities where work-life balance flourishes. We offer competitive benefits based on parity and consistency and support our people with flexible medical, life insurance, and retirement options. We also encourage employees to give back to their communities through our volunteer programs. We're committed to including people with disabilities at all stages of the employment process. If you require accessibility assistance or accommodation for a disability at any point, let us know by emailing accommodation-request_mb@oracle.com or by calling +1 888 404 2494 in the United States. Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans' status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law.