Oracle Principal IT Security Compliance Analyst - Cloud in Chesterfield, Missouri
Executes security controls to prevent hackers from infiltrating company information or jeopardizing e-commerce programs.
Researches attempted efforts to compromise security protocols. Maintains security systems for routers and switches. Administers security policies to control access to systems. Maintains the company s firewall. Uses applicable encryption methods. Provides information to management regarding the negative impact on the business caused by theft, destruction, alteration or denial of access to information.
Leading contributor individually and as a team member, providing direction and mentoring to others. Work is non-routine and very complex, involving the application of advanced technical/business skills in area of specialization. Prefer 8 years relevant experience and BA/BS degree.
Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans status or any other characteristic protected by law.
_IT Security Compliance Analyst - Global Enterprise Public Cloud_
The Oracle Public Cloud Risk & Compliance organisation ensures the security and compliance of Oracle Cloud from initial design to compliance by way of security policy, processes, and procedure standards definition, assessment/audit and certification, operation and continuous monitoring of cloud based SaaS Services.
Successful candidates for this role must be very comfortable taking a leadership role with regulatory compliance in a fast-paced organisation. Candidates will be expected to lead new compliance efforts, as well as maintain existing regulatory compliance obligations. A background in owning, leading, and managing the day-to-day compliance operations, continuous monitoring, and/or assessment & authorisation is required. This position has Global ramifications for Oracle!
A strong working knowledge of the ISO 27001 framework is required. SOC1, SOC2, PCI, ISO 27000 series and similar skill and experience is a plus for the right candidate.
_Primary responsibilities of this role will include:_
Working with existing internal compliance operations team to maintain ISO 27001 certification.
Creating and maintain any supporting documentation for that compliance framework.
Evaluating regulatory compliance requirements and engages with a variety of cross functional teams;
Evaluating and providing reasonable assurance that risk management, control, and governance systems are functioning as intended and will enable the organisation s objectives and goals to be met;
Report risk management issues and internal controls deficiencies identified directly to the cloud regulatory compliance program and provide recommendations for improving the organisation s operations, in terms of both efficient and effective performance;
Evaluating information security and associated risk exposures;
Evaluating regulatory compliance program with consultation from legal counsel;
Evaluating the organisation s readiness in case of business interruption;
Maintaining open communication with management and teams across Oracle Cloud Operations;
Engaging with other internal and external strategic resources as appropriate; and
Evaluating applicable global standards & compliance frameworks to establish internal standards, guidelines, policies, processes, and procedures;
Designing, developing and publishing internal program frameworks, checklists, policy, processes, procedures using creative publishing and editing software tools;
Systematically and comprehensively documenting the compliance program;
_Qualifications necessary to perform well in this position:_
ISO 27001, CISSP, CISA, CRISC, CISM, Security , PMP and other security certifications preferred
Prefer 5 years relevant experience and university degree.
Must be able to complete one or more background investigations and/or appropriate security clearance(s) as required by government contracts and due to applicable laws, regulations, and executive orders.
Travel : Yes, 10-25 % of the Time
Job: *Information Technology
Title: Principal IT Security Compliance Analyst - Cloud
Location: CA,California-Redwood City
Requisition ID: 18000X2Z
Other Locations: United States, US-WA,Washington-Bellevue, US-WA,Washington-Seattle, US-CA,California-San Jose