Global Product SecurityEthical Hacking Team (EHT) is a team of experienced security professionals who run in-depth security assessments on Oracle products.Over the years the EHT has built a suite of pioneering security tools internally used for vulnerability triaging, identification and exploitation. You will be working with other Ethical Hackers to add new capabilities to an existing tool or write a new one to demonstrate how to employ a new exploitation technique (Software or Hardware) or how to more efficiently find a category of bugs.For the 12 weeks of the internship period, you will be part of the EHT and will learn from experienced security professionals how to employ cutting-edge techniques to identify and exploit vulnerabilities, having plenty of occasions to sharpen your security skills, especially in the area of exploit writing. At the end, you will present to the team and interested external parties (Oracle Lab, Security Governance Oracle Cloud, willing to use your achievements for their everyday security activities.ResponsibilitiesA list of projects will be discussed at the beginning of the internship, and one will be selected. The selection will be made according to the past experience of the selected candidate and their interests. The project areas are:Implement scripts to detect software security defects in product binaries and installation media, to be executed by an internal Oracle frameworkImprove an EHT security tool or write a new one (fuzzer, Burp plugin, Python scapy script). Your additions will produce a feature that will require research on the detection and exploitation aspects of specific category of bugs (either Software or Hardware)Produce a proof-of-concept of a novel exploitation technique for a category of bug (either Software or Hardware)Details:The project can be executed remotely, if you live far from our offices. Our team can work from Oracle Reading (Thames Valley Park) or Oracle London (Moorgate). Ideally, a candidate able to be in the Reading office for 2 days a week would really maximise the added value of this experience. If the candidate wants to work on Hardware bugs, presence in Reading is a requirement (as Hardware testing equipment is only available in our Reading facilities)Enrolled in BachelorMasterdegree course in Computer Science or related fieldInterest in security with basic knowledge of one or more the following security topics: cryptography, web application security (OWASP TOP 10 or CWE TOP 30), memory corruption bugsProficiency in either Python, Java, go, bash or rustBasic knowledge of Linux and ability to use the command lineExcellent organizational, presentation, verbal and written communication skills in EnglishAbility to achieve the given milestones and objectives with limited supervisionWhatfor you?An extremely flexible working environmentThis role will enable you to see the complete lifecycle of vulnerabilities, from inception as part of an assessment to the response of the development team and eventual deployment of patches. By developing tools to automate the vulnerability discovery process you will enhance the security of some of the worldmost sensitive data and systemsYou will be able to experience how security is managed in a huge corporation, how different roles (Architect, Pentester, Defender) cooperate in real life, and, at the end of the experience, you will have much more info to decide your future path in Security.EHT interacts with some of the most innovative areas of the company including Oracle Research Labs, Oracle Cloud Infrastructure (OCI), Netsuite, the Oracle RDBMS engineering and the Java teams. This role will allow you to see how security is approached in a global enterprise and how the most difficult challenges are addressed and solved.Career Level - IC0About UsAs a world leader in cloud solutions, Oracle uses tomorrowtechnology to tackle todaychallenges. Wepartnered with industry-leaders in almost every sectorand continue to thrive after 40 years of change by operating with integrity.We know that true innovation starts when everyone is empowered to contribute. Thatwhy wecommitted to growing an inclusive workforce that promotes opportunities for all.Oracle careers open the door to global opportunities where work-life balance flourishes. We offer competitive benefits based on parity and consistency and support our people with flexible medical, life insurance, and retirement options. We also encourage employees to give back to their communities through our volunteer programs.Wecommitted to including people with disabilities at all stages of the employment process. If you require accessibility assistance or accommodation for a disability at any point, let us know by emailingaccommodation-request_mboracle.comcalling 1 888 404 2494 in the United States.Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veteransstatus, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law.