Application Security Engineer Jobs in Virginia (NOW HIRING)

Cyber Oracle Cloud Security - Consultant / Security Engineer II

Deloitte's Cyber team helps organizations address complex cybersecurity challenges while supporting resilient, secure growth. In this role, you will support Oracle Cloud security engagements focused on application security, governance, risk, and compliance across Enterprise Resource Planning (ERP), Human Capital Management (HCM), and Supply Chain Management (SCM) environments. You will work with clients to assess risks, design controls, and implement security solutions that strengthen business processes and cloud operations.

Recruiting for this role ends on 12/31/2026.

Work you'll do

As a Security Engineer II on the Cyber Enterprise Security team, you will be responsible for supporting Oracle Cloud security and controls engagements across client environments.

• Support the assessment, design, and implementation of application security for Oracle Cloud ERP, HCM, SCM, and business process controls environments
• Participate in security design workshops and help translate business and technical requirements into Oracle Cloud security configurations
• Design and configure Oracle Cloud roles across functional areas, including Financials, SCM, HCM, and Enterprise Performance Management (EPM)
• Support the design and implementation of automated controls and governance, risk, and compliance solutions, including Oracle Risk Management Cloud
• Identify business process risks and control considerations and contribute to security-focused implementation and assessment activities

A successful candidate would possess these skills:

• Ability to work independently and collaborate as part of a team
• Effective written and verbal communication skills
• Meticulous attention to detail and quality of work product
• Ability to build and sustain professional relationships
• Ability to lead projects or workstreams
• Ability to manage and prioritize multiple tasks in a fast-paced and dynamic environment
• Strong interpersonal skills and professional demeanor
• Ability to meet deadlines
• Ability to provide clear guidance to others

The team

Our Enterprise Security Offering helps clients embed security across digital transformation efforts by securing core technology environments while enabling business change. The team works across security architecture, secure development and deployment, cloud security, application security, and emerging technology risks. Professionals in this practice help organizations strengthen security capabilities while supporting large-scale transformation programs.

Qualifications

Required:

• Bachelor of Arts or Bachelor of Science degree in Computer Science, Cyber Security, Information Security, Engineering, Information Technology, Management Information Systems, Finance, Accounting and Technology, or Business
• 2+ years of experience on large, complex projects with multiple country or regional rollouts, including support for security design workshops
• 2+ years of experience designing Oracle Cloud roles across Oracle Cloud Financials, Supply Chain Management, Human Capital Management, or Enterprise Performance Management
• 2+ years of experience with business process risk and controls design
• 2+ years of experience designing, configuring, and implementing Oracle Risk Management Cloud
• Ability to travel 50%, on average, based on the work you do and the clients and industries/sectors you serve.
• Limited immigration sponsorship may be available.

Preferred:

• Experience in consulting or Big 4 environments
• Certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified Information Systems Auditor (CISA)
• Experience supporting end-to-end Oracle Cloud security and controls implementations across ERP, HCM, SCM, or EPM
• Experience with Oracle Cloud Infrastructure (OCI) security
• Experience with Segregation of Duties (SOD), personally identifiable information (PII), and Sarbanes-Oxley (SOX) control frameworks
• Experience with Single Sign-On (SSO), Multi-Factor Authentication (MFA), Oracle Identity Cloud Service (IDCS), or data protection tools

The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $82,600 to $162,800.

You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance.

Cyber Oracle Cloud Security - Consultant / Security Engineer II

Deloitte's Cyber team helps organizations address complex cybersecurity challenges while supporting resilient, secure growth. In this role, you will support Oracle Cloud security engagements focused on application security, governance, risk, and compliance across Enterprise Resource Planning (ERP), Human Capital Management (HCM), and Supply Chain Management (SCM) environments. You will work with clients to assess risks, design controls, and implement security solutions that strengthen business processes and cloud operations.

Recruiting for this role ends on 12/31/2026.

Work you'll do

As a Security Engineer II on the Cyber Enterprise Security team, you will be responsible for supporting Oracle Cloud security and controls engagements across client environments.

• Support the assessment, design, and implementation of application security for Oracle Cloud ERP, HCM, SCM, and business process controls environments
• Participate in security design workshops and help translate business and technical requirements into Oracle Cloud security configurations
• Design and configure Oracle Cloud roles across functional areas, including Financials, SCM, HCM, and Enterprise Performance Management (EPM)
• Support the design and implementation of automated controls and governance, risk, and compliance solutions, including Oracle Risk Management Cloud
• Identify business process risks and control considerations and contribute to security-focused implementation and assessment activities

A successful candidate would possess these skills:

• Ability to work independently and collaborate as part of a team
• Effective written and verbal communication skills
• Meticulous attention to detail and quality of work product
• Ability to build and sustain professional relationships
• Ability to lead projects or workstreams
• Ability to manage and prioritize multiple tasks in a fast-paced and dynamic environment
• Strong interpersonal skills and professional demeanor
• Ability to meet deadlines
• Ability to provide clear guidance to others

The team

Our Enterprise Security Offering helps clients embed security across digital transformation efforts by securing core technology environments while enabling business change. The team works across security architecture, secure development and deployment, cloud security, application security, and emerging technology risks. Professionals in this practice help organizations strengthen security capabilities while supporting large-scale transformation programs.

Qualifications

Required:

• Bachelor of Arts or Bachelor of Science degree in Computer Science, Cyber Security, Information Security, Engineering, Information Technology, Management Information Systems, Finance, Accounting and Technology, or Business
• 2+ years of experience on large, complex projects with multiple country or regional rollouts, including support for security design workshops
• 2+ years of experience designing Oracle Cloud roles across Oracle Cloud Financials, Supply Chain Management, Human Capital Management, or Enterprise Performance Management
• 2+ years of experience with business process risk and controls design
• 2+ years of experience designing, configuring, and implementing Oracle Risk Management Cloud
• Ability to travel 50%, on average, based on the work you do and the clients and industries/sectors you serve.
• Limited immigration sponsorship may be available.

Preferred:

• Experience in consulting or Big 4 environments
• Certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified Information Systems Auditor (CISA)
• Experience supporting end-to-end Oracle Cloud security and controls implementations across ERP, HCM, SCM, or EPM
• Experience with Oracle Cloud Infrastructure (OCI) security
• Experience with Segregation of Duties (SOD), personally identifiable information (PII), and Sarbanes-Oxley (SOX) control frameworks
• Experience with Single Sign-On (SSO), Multi-Factor Authentication (MFA), Oracle Identity Cloud Service (IDCS), or data protection tools

The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $82,600 to $162,800.

You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance.