Oracle Principal Security Analyst - Oracle Global Business Units in Houston, Texas
Executes security controls to prevent hackers from infiltrating company information or jeopardizing e-commerce programs.
Researches attempted efforts to compromise security protocols. Maintains security systems for routers and switches. Administers security policies to control access to systems. Maintains the company s firewall. Uses applicable encryption methods. Provides information to management regarding the negative impact on the business caused by theft, destruction, alteration or denial of access to information.
Leading contributor individually and as a team member, providing direction and mentoring to others. Work is non-routine and very complex, involving the application of advanced technical/business skills in area of specialization. Prefer 8 years relevant experience and BA/BS degree.
Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans status or any other characteristic protected by law.
Principal Security Analyst
Security, Risk and Regulatory Compliance Oracle Global Business Units
This senior position in the Security, Risk Management and Regulatory Compliance team will have responsibility for assuring that the GBUs' Development, Cloud Operations and Services teams properly manage regulatory requirements related to the design, development, deployment and post-deployment of products and services.
The position will drive the development and implement a comprehensive risk management and regulatory compliance strategy across the GBUs to optimize and continuously improve the information security of the GBU products and services. The role requires coordination between the GBUs Development, Cloud Services, Services, and Operations teams and Oracle's centralized Corporate Security Group and Oracle Legal organizations.
This team will ensure that the IT environment implements, demonstrates and continuously monitors the controls required to meet key security frameworks and regulatory requirements including ISO 2700x, PCI DSS, HIPAA and SSAE 16 as required by the GBUs.
Build a world class security and compliance program to support a heterogeneous group of businesses
Collaborate with LoB security leaders to ensure awareness and consistency in approach and delivery
Facilitate third party attestations, audits and certification efforts for the GBUs
Develop customer facing documentation that describe the security and compliance across the GBUs including Oracle Cloud for Industry
Assess the Cloud compliance and security landscape to keep OCI controls current with industry standards
Interface with corporate groups including Corporate, Privacy and Security legal and Internal audit to ensure compliance with policy
Lead project team members and formalize risks and key controls associated with significant Oracle Cloud for Industry and GBU processes
Manage the vendor security program for the GBUs, facilitate vendor security assessments as required
Coordinate audit testing, documentation, self-assessment testing and remediation activities.
Make recommendations to correct deficiencies identified during the various audits.
Perform the role of compliance consultant and subject matter expert for the Oracle GBUs to help them improve their control environment as necessary
Manage project functions including project scheduling, tracking, communications, and controlling to ensure project meets its aim on schedule
Respond to security related requests and RFPs
Bachelor Degree or equivalent
CISA, CISM, CISSP, CIPP desired
10 years related experience
Formal training in project management
Fluency & extensive experience IT auditing and controls, preferable with SOX, SSAE 16 - SOC 1 & SOC 2, PCI compliance, NIST, DIACAP, FedRAMP, ISO 27001 & ISO 27002
Strong working knowledge of IT processes and IT infrastructure
Proven ability to combine business acumen, technical acumen and process expertise to define control requirements for SSAE 16 SOC 1 & SOC 2, PCI, ISO 27002 Demonstrated success in leading, controlling, & completing IT projects
Proven ability to influence & gain buy-in at multiple levels, across divisions, functions and cultures; comfort working with executive level management
Demonstrated ability to achieve results through cross-functional, virtual teams
Ability to prioritize, manage, and deliver on multiple projects simultaneously; highly motivated and able to work against aggressive schedules
Strong bias toward action, flexible, resourceful, and able to operate effectively within a dynamic, fast-pace environment
Superior communication skills (interpersonal, verbal, presentation written, email)
Positive attitude, team player, self-starter; takes initiative, ability to work independently
Discretion in handling confidential information
Work Location:*Strongly prefer candidates based in DC / MD / VA areas, or Orlando FL area, or Boston, MA. Open to considering candidates based in any US location.
Travel Component:Minimal (0 10%)
/As part of Oracle s employment process candidates will be required to complete a pre-employment screening process, prior to an offer being made. This will involve identity and employment verification, salary verification, professional references, education verification and professional qualifications and memberships (if applicable)./
/Oracle Supports Workforce Diversity/
Job: *Information Technology
Title: Principal Security Analyst - Oracle Global Business Units
Location: United States
Requisition ID: 1600157F