Principal Security Analyst - Oracle Global Business Units

Executes security controls to prevent hackers from infiltrating company information or jeopardizing e-commerce programs.
Researches attempted efforts to compromise security protocols. Maintains security systems for routers and switches. Administers security policies to control access to systems. Maintains the company s firewall. Uses applicable encryption methods. Provides information to management regarding the negative impact on the business caused by theft, destruction, alteration or denial of access to information.
Leading contributor individually and as a team member, providing direction and mentoring to others. Work is non-routine and very complex, involving the application of advanced technical/business skills in area of specialization. Prefer 8 years relevant experience and BA/BS degree.
Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans status or any other characteristic protected by law.
PrincipalSecurity Analyst
Security, Risk and Regulatory Compliance Oracle Global Business Units

_Position Description_
This senior position in the Security, RiskManagement and Regulatory Compliance team will have responsibility for assuringthat the GBUs' Development, Cloud Operations and Services teams properly manageregulatory requirements related to the design, development, deployment andpost-deployment of products and services.
The position willdrive the development and implement a comprehensive risk management andregulatory compliance strategy across the GBUs to optimize and continuouslyimprove the information security of the GBU products and services. The rolerequires coordination between the GBUs Development, Cloud Services, Services,and Operations teams and Oracle's centralized Corporate Security Group andOracle Legal organizations.
This team will ensure that the ITenvironment implements, demonstrates and continuously monitors the controlsrequired to meet key security frameworks and regulatory requirements includingISO 2700x, PCI DSS, HIPAA and SSAE 16 as required by the GBUs.
Build a world class security andcompliance program to support a heterogeneous group of businesses
Collaborate with LoB security leadersto ensure awareness and consistency in approach and delivery
Facilitate third party attestations,audits and certification efforts for the GBUs
Develop customer facing documentationthat describe the security and compliance across the GBUs including OracleCloud for Industry
Assess the Cloud compliance and security landscapeto keep OCI controls current with industry standards
Interface with corporate groupsincluding Corporate, Privacy and Security legal and Internal audit to ensurecompliance with policy
Lead project team members andformalize risks and key controls associated with significant Oracle Cloud forIndustry and GBU processes
Manage the vendor security programfor the GBUs, facilitate vendor security assessments as required
Coordinate audit testing,documentation, self-assessment testing and remediation activities.
Make recommendations to correctdeficiencies identified during the various audits.
Perform the role of complianceconsultant and subject matter expert for the Oracle GBUs to help them improvetheir control environment as necessary
Manage project functions includingproject scheduling, tracking, communications, and controlling to ensure projectmeets its aim on schedule
Respond to security related requestsand RFPs
_Preferred Qualifications_
Bachelor Degree or equivalent
10 years related experience
Formal training in project management
Fluency & extensive experience ITauditing and controls, preferable with SOX, SSAE 16 - SOC 1 & SOC 2, PCIcompliance, NIST, DIACAP, FedRAMP, ISO 27001 & ISO 27002
Strong working knowledge of ITprocesses and IT infrastructure
Proven ability to combine businessacumen, technical acumen and process expertise to define control requirementsfor SSAE 16 SOC 1 & SOC 2, PCI, ISO 27002 Demonstrated success inleading, controlling, & completing IT projects
Proven ability to influence &gain buy-in at multiple levels, across divisions, functions and cultures;comfort working with executive level management
Demonstrated ability to achieveresults through cross-functional, virtual teams
Ability to prioritize, manage, anddeliver on multiple projects simultaneously; highly motivated and able to workagainst aggressive schedules
Strong bias toward action, flexible,resourceful, and able to operate effectively within a dynamic, fast-paceenvironment
Superior communication skills(interpersonal, verbal, presentation written, email)
Positive attitude, team player,self-starter; takes initiative, ability to work independently
Discretion in handling confidentialinformation

Work Location: Strongly prefer candidates based in DC / MD / VAareas, or Orlando FL area, or Boston, MA. Open to considering candidates based in any US location.
Travel Component: Minimal (0 10%)
/As part of Oracle semployment process candidates will be required to complete a pre-employmentscreening process, prior to an offer being made. This will involve identity andemployment verification, salary verification, professional references,education verification and professional qualifications and memberships (ifapplicable)./
/ /
/OracleSupports Workforce Diversity/
Job: Information Technology
Organization: Oracle
Title: Principal Security Analyst - Oracle Global Business Units
Location: United States
Requisition ID: 1600157F e71b12ab20024c4e8d1e9ec623e23e2f

Don't Be Fooled

The fraudster will send a check to the victim who has accepted a job. The check can be for multiple reasons such as signing bonus, supplies, etc. The victim will be instructed to deposit the check and use the money for any of these reasons and then instructed to send the remaining funds to the fraudster. The check will bounce and the victim is left responsible.