Description Design, develop, troubleshoot and debug software programs for databases, applications, tools, networks etc. About Our Team: We build and operate Parfait, Oracle’s enterprise-grade Static Application Security Testing (SAST) platform used daily by thousands of developers across multi-million-line C/C++ repositories. Our stack centers on LLVM/Clang and advanced interprocedural analysis to deliver precise, low-noise findings that integrate seamlessly with editors, code review, and CI systems. We partner closely with product teams and security engineering to prevent vulnerabilities before they ship. What We Offer: High-impact work securing flagship Oracle products by raising the bar on memory safety in C/C++ Close collaboration with compiler engineers, application security specialists, and large product teams A culture focused on sound engineering, thoughtful design reviews, and mentorship Support for technical growth (conferences, courses, and research collaboration in program analysis and security) Modern tooling, robust CI, and a mandate to ship reliable improvements at scale About You: You are a seasoned engineer with deep experience in static analysis or compilers and a passion for memory safety You can translate Rust-inspired ideas (ownership, borrowing, lifetimes) into practical, precise checks for C/C++ You design maintainable systems, communicate clearly, and mentor peers across disciplines You are disciplined about performance, signal-to-noise, and developer ergonomics You are eligible to work in Australia without sponsorship Desired Criteria: BS, MS, or PhD in Computer Science or related field, or equivalent practical experience 8 years building production-quality developer tooling, compilers, or large-scale backend systems; strong C++ required Expertise in memory safety for C/C++ (e.g., use-after-free, double free, leaks, buffer overflows, uninitialized use, iterator invalidation) Strong background in program analysis: interprocedural dataflow, points-to/alias analysis, escape and lifetime analysis, abstract interpretation, SSA/CFG Hands-on experience with LLVM/Clang (AST/IR, custom passes, static analysis frameworks) Familiarity with Rust concepts (ownership/borrowing/lifetimes) and borrow-checking techniques Experience integrating tools into developer workflows Scripting proficiency (Python, Bash) for analysis pipelines and tooling automation Excellent communication skills and an ability to produce clear, actionable findings and guidance Responsibilities Design and implement advanced analyses in Parfait to detect and prevent memory-related vulnerabilities at scale Introduce ownership/borrow-inspired models for C/C++ (lifetime inference, alias/move tracking, escape analysis) and integrate them into Parfait’s interprocedural analysis stack Extend and optimize LLVM/Clang-based infrastructure, balancing precision, performance, and scalability across very large codebases Reduce false positives/negatives through improved modeling, heuristics, path sensitivity, and configurable policies; validate changes with real-world repositories Partner with security engineering and product teams to prioritize rules, define secure-by-default patterns, and publish guidance that brings Rust-like safety practices to C/C++ development Instrument and monitor analysis latency, coverage, and quality, and drive continuous improvements to meet reliability and freshness targets LI-DNI Qualifications Career Level - IC4