Oracle Principal IT Security Analyst in Chesterfield, Missouri
Executes security controls to prevent hackers from infiltrating company information or jeopardizing e-commerce programs.
Researches attempted efforts to compromise security protocols. Maintains security systems for routers and switches. Administers security policies to control access to systems. Maintains the company s firewall. Uses applicable encryption methods. Provides information to management regarding the negative impact on the business caused by theft, destruction, alteration or denial of access to information.
Leading contributor individually and as a team member, providing direction and mentoring to others. Work is non-routine and very complex, involving the application of advanced technical/business skills in area of specialization. Prefer 8 years relevant experience and BA/BS degree.
Oracle is an Affirmative Action-Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability, protected veterans status, age, or any other characteristic protected by law.
Successful candidate will be responsible for maintaining, monitoring and supporting FedRAMP and DoD cloud authorization supporting US government agencies and their subcontractors. The Information Security Compliance Administrator is expected to champion the upkeep of authorization throughout the business, working with others to ensure documentation is kept up-to-date and processes and policies are appropriate.
Manage and maintain FedRAMP and DoD RMF cloud authorizations
Design, develop and maintain information security process and documentation, including maintenance of a Systems Security Plan (SSP) for FedRAMP
Manage and monitor progress against commitments for completion of remediation activities and action items in a POA&M
Support, facilitate and engage with auditors and business teams during certification audits
Maintain business relationships with interested parties on information security requirements
Organize integrate and build synergy on compliance programs for process and project maturity objectives to facilitate compliance to various statutory, regulatory, contractual, standard requirements
Deliver sound know-how and know-what to information security and business continuity projects
Management of document reviews and approval workflows
Collaboration with regional business units to ensure practical plans are in place
Conduct risk assessments to assets, projects and processes in a SaaS and IaaS environment
Required Skills & Experience:
Experience with FedRAMP and Department of Defense (DoD) Risk Management Framework (RMF) and risk assessment tools
Detailed understanding of the NIST 800-53 control catalog, FedRAMP Security Assessment Framework (SAF), and DoD Cloud Computing Security Requirements Guide (SRG)
Working experience with DISA Security Technical Implementation Guides STIGs
Thorough understanding of the latest security principles, techniques, and protocols
Fundamental understanding of security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc.
Ability to communicate security issues to peers, management, customers, and end-users
Excellent problem solving skills and ability to work under pressure
US Citizens with ability to obtain a US security clearance
Desired Skills and Experience:
Working knowledge of production information system in a global SaaS environment
Familiarity with web related technologies (Web applications, Web Services, Service Oriented Architectures) and of network/web related protocols
Knowledge of standards and requirements with application security
Fundamental Understanding of the OWASP (Open Web Application Security Project) top 10
Knowledge and expertise in disciplines/ business functions and projects of risk, information security, business continuity, quality and environment management
A strong multi-tasker with a keen eye for detail
Organized and thrive in fast-paced, high-stress scenarios
Job: *Information Technology
Title: *Principal IT Security Analyst *
Location: United States
Requisition ID: 2000111H