Sign in to follow this  
mounikaAA

Immediate Opening for Oracle data base security engineer

Recommended Posts

mounikaAA

Database Security Engineer

 

Security engineer for Oracle EBS application  stack who has base understanding of the architecture and security model of each component, with an ability to drill down, investigate, develop fix and tes

You should understand the principles behind configuration management tools, good coding skills that allow you to develop and test mitigations, consistently and efficiently.  

Tech skills

 

·         Proficient in (one or several of the following areas)

 

o    Pre packaged Application security (ERP, EBS preferable)

§  SQL/PLSQL injection (from Web/Forms) detection and analysis

§  Example area: Definer and invoker execution rights

§  DB & OS configuration changes impact analysis

§  Security Changes execution following strict/long change/testing cycles

o    DB/WebLogic/Apex hardening. e.g.

§  Cross site scripting

§  Cookies

o    Reverse Proxies setup for security filtering

o    General security concepts

§  Vulnerabilities analysis

§  Encryption

§  Secrets management (certificates, passwords, etc)

§  Auditing and logging (on OS, DB, Apps Levels

Specific components include:

WebLogic:  Security realms, authentication mechanisms, session management

 

EBS core: EBS permission model, AutoConfig, patching, responsibility assignment, SSO integration, passwords and changes

Java:  JSPs, indirect calls between JSPs, Java sandbox model, classpaths, JAR/WAR packaging

Database: SQL injection, Oracle permission model, PL/SQL security, TNS security/authentication, DB auditing

Linux:  file permissions, process permissions, auditd, security frameworks like SELinux/AppArmor/Grsecurity

Network:  ACLs, the TCP/IP protocol stack, tracing tools, VLANs, state management

Apex: security model, password management, SQL injection

Web services: load balancing, ***** servers, Apache mod_security, virtual hosts

 
 

Soft skills

 

Self driven team player

Take directions from Tech Leads and put execution plan together with minimal supervision.

can suggesting/implementing creative solutions

 Thanks & Regards

[email protected]

346-444-2663 Extn 414

 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this