Technical Program Manager, Threat and Vulnerability ...

Job Description Technical Program Manager - Threat and Vulnerability Management Oracle Cloud Infrastructure The Oracle Threat and Vulnerability Management (TVM) team proactively identifies, assesses, prioritizes, and relentlessly drives the remediation of security weaknesses and vulnerabilities at scale across the total enterprise. The TVM team performs security assessments, vulnerability research, guides and advises mitigation strategies, and coordinates the response to zero-day and other urgent vulnerabilities. We ensure the security of the software and hardware that runs our cloud and non-cloud infrastructure and strive for continuous improvement. As a team, we defend our customers and ensure Oracle meets or exceeds all applicable security and regulatory requirements in all markets. Values our foundation and how we deliver excellence. We strive for equity, inclusion, and respect for all. We are committed to the greater good in our products and our actions. We are constantly learning and taking opportunities to grow our careers and ourselves. We challenge each other to stretch beyond our past to build our future. You can learn more about us by visiting . Are you interested in building large-scale distributed security systems and tools for the cloud? Do you enjoy all aspects of security, from end user devices and traditional information technology (IT), to hyperscale cloud and multicloud services, to hardware and operational technology (OT)? A security-focused leader can have significant technical and business impact. This is a unique opportunity to work with smart people to solve complex and industry-wide problems in distributed systems, security, and multi-tenant Infrastructure-as-a-Service (IaaS) at massive scale. The biggest challenges for the team is the dynamic and fast growth of the business, driving us to improve our systems, tools, and automation to scale to our security expertise several orders of magnitude greater than what we can support today. We understand that software is living and needs investment. The challenge is making the right tradeoffs, communicating those decisions effectively, and crisp execution. Come shape the future of one of the largest cloud services on earth with us Our ideal candidate is a self-starter and excellent communicator who can prioritize appropriately, drive clarity, and work well with people at all levels. You are flexible and able to pivot quickly to address and drive new requests as they come up. You are highly organized, process-oriented, and comfortable working across a variety of teams to identify and implement the right mechanisms to deliver on our vision of the future. We are looking for a senior Technical Program Manger to lead key initiatives for Oracle Threat and Vulnerability Management. You will partner closely with engineering, product, and security leaders across Oracle to define strategy, drive execution, and deliver secure and scalable security services. This role requires a strong technical background, program leadership skills, and the ability to communicate and influence at all levels of the organization. The role requires an individual adept at managing high-visibility and fast-paced workstreams, keeping multiple deliverables running at the same time while driving execution and helping unblock work. Responsibilities + Lead end-to-end program execution for large-scale initiatives across multiple teams and disciplines across Oracle ensuring on-time and high-quality outcomes. This includes program planning, execution, and governance across engineering, operations, and security teams. + Define clear program scope, success metrics, timelines, and communication plans for complex and ambiguous problem spaces. + Drive alignment and communication across engineering, product, security, compliance, and operations stakeholders. + Influence architectural and security decisions by providing programmatic insights and risk assessments. + Anticipate and resolve cross-functional issues, mitigate risks proactively, and ensure program goals are met on time and with high quality. + Manage stakeholder communication at all levels, including status reporting, executive reviews, and customer-facing updates through concise updates, dashboards, and reviews. + Establish and improve program management processes to increase transparency, execution speed, and accountability. + Partner with engineering leaders to continuously improve operational excellence, incident response, and program delivery. + Champion OCI values such as u201cOwn without Egou201d, u201cAct Now, and Iterateu201d, and u201cEarn Trust, Give Trustu201d in every aspect of delivery. Qualifications + 5+ years technical program management experience + Experience in evaluating and assessing security threats across a variety of environments and industries. + Knowledge of data structures, algorithms, operating systems, and/or distributed systems fundamentals. + Understanding of secure networking principles, routers, switches and load balancers. + Understanding of databases, NoSQL systems, storage, and/or distributed persistence technologies. + Knowledge of database security principles. + Knowledge of encryption technologies and architectures. + Prior experience with distributed systems, cloud computing, and IaaS. + Understanding of security vulnerabilities and mitigation strategies. + Programming and debugging fundamentals in languages/interfaces, such as Python, Java, Go, etc. + Experience automating tedious work using available application programming interfaces. Preferred Qualifications + Hands-on experience developing or securing services on a public cloud platform (e.g., AWS, Azure, GCP, OCI). + Proven ability to drive culture and behavioral change within engineering organizations. + Strong knowledge of compliance program security controls, like ISO/IEC 27001, SOC 2, PCI-DSS, HITRUST, FedRAMP, and UK Cyber Essentials. + Strong knowledge of risk assesment frameworks, like ISO/IEC 27005, ISO 31000, FAIR, and NIST 800-30. + Knowledge of incident response frameworks and methodologies, including frameworks like NIST 800-61 and MITRE ATT&CK. + Experience with security operations and security alert triage processes. + Experience building continuous integration/deployment pipelines with robust testing and deployment schedules. + Experience working with internal customers and translating requests into prioritized work or features. + Experience and understanding of cryptographic algorithms, standards, implementation and application. + Experience and understanding of threat modeling, penetration testing, reverse engineering and attacks on software. + Experience working with large enterprise customers. Responsibilities + Lead end-to-end program execution for large-scale initiatives across multiple teams and disciplines across Oracle ensuring on-time and high-quality outcomes. This includes program planning, execution, and governance across engineering, operations, and security teams. + Define clear program scope, success metrics, timelines, and communication plans for complex and ambiguous problem spaces. + Drive alignment and communication across engineering, product, security, compliance, and operations stakeholders. + Influence architectural and security decisions by providing programmatic insights and risk assessments. + Anticipate and resolve cross-functional issues, mitigate risks proactively, and ensure program goals are met on time and with high quality. + Manage stakeholder communication at all levels, including status reporting, executive reviews, and customer-facing updates through concise updates, dashboards, and reviews. + Establish and improve program management processes to increase transparency, execution speed, and accountability. + Partner with engineering leaders to continuously improve operational excellence, incident response, and program delivery. + Champion OCI values such as u201cOwn without Egou201d, u201cAct Now, and Iterateu201d, and u201cEarn Trust, Give Trustu201d in every aspect of delivery. Disclaimer: Certain US customer or client-facing roles may be required to comply with applicable requirements, such as immunization and occupational health mandates. Range and benefit information provided in this posting are specific to the stated locations only US: Hiring Range in USD from: $90,100 to $199,500 per annum. May be eligible for bonus and equity. Oracle maintains broad salary ranges for its roles in order to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect Oracleu2019s differing products, industries and lines of business. Candidates are typically placed into the range based on the preceding factors as well as internal peer equity. Oracle US offers a comprehensive benefits package which includes the following: 1. Medical, dental, and vision insurance, including expert medical opinion 2. Short term disability and long term disability 3. Life insurance and AD&D 4. Supplemental life insurance (Employee/Spouse/Child) 5. Health care and dependent care Flexible Spending Accounts 6. Pre-tax commuter and parking benefits 7. 401(k) Savings and Investment Plan with company match 8. Paid time off: Flexible Vacation is provided to all eligible employees assigned to a salaried (non-overtime eligible) position. Accrued Vacation is provided to all other employees eligible for vacation benefits. For employees working at least 35 hours per week, the vacation accrual rate is 13 days annually for the first three years of employment and 18 days annually for subsequent years of employment. Vacation accrual is prorated for employees working between 20 and 34 hours per week. Employees working fewer than 20 hours per week are not eligible for vacation. 9. 11 paid holidays 10. Paid sick leave: 72 hours of paid sick leave upon date of hire. Refreshes each calendar year. Unused balance will carry over each year up to a maximum cap of 112 hours. 11. Paid parental leave 12. Adoption assistance 13. Employee Stock Purchase Plan 14. Financial planning and group legal 15. Voluntary benefits including auto, homeowner and pet insurance The role will generally accept applications for at least three calendar days from the posting date or as long as the job remains posted. Career Level - IC4 About Us As a world leader in cloud solutions, Oracle uses tomorrowu2019s technology to tackle todayu2019s challenges. Weu2019ve partnered with industry-leaders in almost every sectoru2014and continue to thrive after 40+ years of change by operating with integrity. We know that true innovation starts when everyone is empowered to contribute. Thatu2019s why weu2019re committed to growing an inclusive workforce that promotes opportunities for all. Oracle careers open the door to global opportunities where work-life balance flourishes. We offer competitive benefits based on parity and consistency and support our people with flexible medical, life insurance, and retirement options. We also encourage employees to give back to their communities through our volunteer programs. Weu2019re committed to including people with disabilities at all stages of the employment process. If you require accessibility assistance or accommodation for a disability at any point, let us know by emailing or by calling +1 888 404 2494 in the United States. Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veteransu2019 status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law.

Created: 2025-10-27