AppSec Jobs
← Back to all jobs

Oracle

Security Vulnerability Management Engineer (Cloud)

ColombiaWebsite

Full details on LinkedIn

The complete job description, requirements, and application details are available on the original posting.

About Oracle

Oracle Corporation is a global leader in enterprise software and cloud computing, founded in 1977. Headquartered in Austin, Texas, with a significant campus in Redwood City, California, Oracle pioneered relational database management systems (RDBMS) and has grown to offer a wide range of database technology, business applications, cloud services, and AI solutions. The company reported annual revenues of $42.44 billion in 2022 and employs around 143,000 people. Oracle's product portfolio includes over 70 solutions, with its flagship Oracle Database being the first commercial RDBMS to utilize SQL for efficient data management. The company provides enterprise applications such as ERP and CRM, as well as cloud infrastructure and AI integrations. Oracle serves various sectors, including finance, healthcare, and government, delivering reliable and scalable solutions for large-scale data operations.

Industry

information technology & services

Employees

159,000

31614 engineers

Revenue

$61B

Website

Visit →

Security at Oracle

Compiled from public job postings, careers pages, and company materials. Data may not reflect current state — verify during interviews.

3 Intel Signals

Security Philosophy

Oracle's stated AppSec mission acknowledges that "As SaaS Cloud environments grow more dynamic, security risks are becoming more complex too."They aim to be "the single place for every Oracle SaaS customer to be heard"regarding security. Their risk philosophy is to "Provide expert security guidance to service teams to ensure OCI's products and services are secure by default."A key goal for the Software Assurance organization is to "make application security and software assurance, at scale, a reality."Information on developer enablement vs. gatekeeping (e.g., "developer-first"vs. "security sign-off") is not publicly available.

Security Team

Oracle's AppSec team structure and reporting lines are not publicly available, nor are key public-facing leaders or an estimated team size. As of, there are 3 active AppSec job postings. A common skill pattern from job postings includes "A minimum of 3+ years of experience in application security, product security, or systems security."

Key Initiatives

No public evidence was found for a Security Champions Program or specific "Shift Left"practices (e.g., pre-commit, IDE plugins, CI/CD controls). Vulnerability management intake includes "Critical Patch Updates, Security Alerts and Bulletins."Secure SDLC artifacts include "Oracle Access Governance expedites application onboarding with AI access bundle creation, mining, and recommendations."A recent initiative (last 6 months) is "Introducing the Application Security Idea Lab."

Preparing for an AppSec interview?

Get the weekly briefing 2,000+ security pros trust.