Principal Vulnerability Engineer – Java Security Platform

Social network you want to login/join with:

Client: Oracle

Location: York

Job Category: Other

EU work permit required: Yes

We are looking for a Principal Vulnerability Engineer to join the security vulnerability team for the Java platform. This team handles both offensive (red team) and defensive (blue team) security duties. Responsibilities include proactive research, security tooling, assessments, and assisting development teams with security code reviews. The ideal candidate must have at least 10+ years of hands-on experience in platform security, with deep knowledge of the Java security model. Extensive experience with security protocols and best practices is required. The candidate should be able to work independently, have a proven record of security incident resolution, and conduct proactive research using industry-standard tools. Experience with Java security issues and CVEs is a plus. Proficiency in Java, expert-level C/C++ skills, and systems programming are essential. Strong leadership, self-motivation, remote collaboration skills, and excellent communication are also required.

Responsibilities:

• Conduct proactive research for new vulnerability signatures in the Java platform.
• Create and maintain security tools for Java.
• Perform security assessments for new JDK features.
• Assist development teams with security code reviews, including Java and native code.

About Us:

As a global leader in cloud solutions, Oracle leverages cutting-edge technology to address current challenges. With over 40 years of industry experience, we foster innovation through inclusivity and integrity. We offer global opportunities with a focus on work-life balance, competitive benefits, and community engagement through volunteer programs.