Oracle Senior Assurance Engineer in Chesterfield, Missouri
Design, develop, troubleshoot and debug software programs for databases, applications, tools, networks etc.
As a member of the software engineering division, you will assist in defining and developing software for tasks associated with the developing, debugging or designing of software applications or operating systems. Provide technical leadership to other software developers. Specify, design and implement modest changes to existing software architecture to meet changing needs.
Duties and tasks are varied and complex needing independent judgment. Fully competent in own area of expertise. May have project lead role and or supervise lower level personnel. BS or MS degree or equivalent experience relevant to functional area. 4 years of software engineering or related experience.
Oracle is an Affirmative Action-Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability, protected veterans status, age, or any other characteristic protected by law.
The Oracle SaaS Cloud Security (SCS) – Senior Assurance Engineer, is a career technical position focused on understanding SaaS security performance & compliance posture, anticipating potential blockers to meeting objectives, helping prioritize and contextualize those solution paths – and has a very broad exposure to the domain subject matter experts, as well technical and process across SCS and all SaaS lines of business (LOB). This Senior Assurance Engineer will leverage existing assurance models and methods while redefining more effective and efficient approaches to value delivery in the assurance space.
This role can be remote.
The position incorporates national and international legal and regulatory cyber security requirements including laws, policies, and standards with industry recognized accreditation and standards to develop and implement an Oracle common compliance framework and accreditation practices. The position will require broad domain knowledge in the identification and application of security industry best practices, forward looking technology tools and techniques, and I.T. governance to meet current and future organizational requirements. The position works under the supervision of the Director of SaaS Security – Governance, Risk and Compliance (GRC), with dotted line accountability to the V.P.
The Senior Assurance Engineer is the functional specialist, and manages systems, processes, program(s) and artifacts used in various organizational GRC functions including, but not limited to:
Definition and implementation of GRC automation solutions
Drive continuous improvement identification, planning and monitoring activities and collateral of security services across SaaS Cloud Security (SCS) teams.
Conduct compliance readiness assessments leveraging various commercial & regulatory compliance frameworks - PCI, HIPAA, SOC2, ISO 27001, NIST Cybersecurity Framework (CSF), etc.
Perform risk/threat assessments against identified issues/gaps leveraging industry cybersecurity risk scoring models such as OCTAVE, FAIR, NIST RMF
Demonstrate to internal/external oversight stakeholders that GRC program objectives are met and facilitate improvements where needed
Support the SCS Cyber Security Posture Program
Supports ongoing configuration, management and operations of GRC automation solutions
The position operates in cooperation with Global Information Systems (GIS), Oracle legal, Oracle product teams, and line-of-business compliance teams to deliver a highly secure customer environment that can be validated and measured against defined audit criteria.
Shifting Left. The scope of the SaaS Cloud Security – Senior Assurance Engineer is the direct contributor that conducts proactive compliance readiness assessments. This candidate will define and implement workflows, processes and technology that will proactively stage the requisite delivery of evidence supporting successful compliance audit outcomes. The Senior Assurance Engineer will work with data collection tools and mechanisms, workflow automation software, compliance storage and reporting tools, data repositories and archives, and automated or manual system administration tools, processes, and activities. The role participates in audit interviews with internal and external auditors and provides clear and concise information on the security practices and control objectives in scope of audits.
This role will implement regular communication/reporting channels with operations resources at the product, service, or line-of-business level and ensures accurate and complete information that is within allowed audit timeframes and target periods. Additionally, this role may contribute to daily, weekly and ad-hoc compliance meetings that are facilitated and attended to accomplish audit planning, review and conduct current audits, and after action meetings to resolve identified audit deficiencies. The right candidate will have the strong ability to prioritize multiple competing requirements with coinciding deadlines and will have to make immediate decisions as to how tasks get prioritized in real-time based on pragmatic assessment of need and results and adjust the bar as needed.
Requisite qualifications for the SaaS Compliance Security – Senior Assurance Engineer is:
A minimum of a four-year technical degree or commensurate professional or military experience is required. A master’s degree in a technology discipline is preferred. The applicant must have prior information technology experience working in a complex I.T. environment composed of multiple operating platforms and enterprise software solutions. Experience in an enterprise cloud environment using software as a service (SaaS) technology is preferred. The applicant should have direct knowledge and experience with a variety of common security compliance standards and frameworks including SOC 1/2. PCI-DSS, ISO 27000 series. Industry certifications such as CISSP, CISM, CISA, CISM, ITIL, LSSBB, PMP is preferred.
Prior security experience within information technology at the A level is required. The applicant must be able to show demonstrable project or program management participation with significant aspects of individual responsibility. The role requires a meticulous and detail-oriented approach with a proven ability in time management and task completion to standards. Prior experience Cloud technologies, Certification/Accreditation processes, security standards/playbooks, security testing & validation and various compliance standards is a plus.
Experience with one or more common industry GRC tool suites including Archer, ServiceNow, MetricStream, ZenGRC and Allgress is required. Experience with Atlassian tools including JIRA, and Confluence is preferred. The job is a high trust position with access to systems, control data, customer information and demographics, sales data, and other Oracle proprietary or confidential data and may require a government security clearance in the future. Applicants must be able to pass a rigorous background screening and employment check with periodic reinvestigation.
Work is non-routine and very complex, involving the application of advanced technical/business skills in area of specialization. Leading contributor individually and as a team member, providing direction and mentoring to others. Seven years of project management, product design or related experience preferred
Detailed Description and Job Requirements
Manage the development and implementation process of a specific company product.
Manage the development and implementation process of a specific company product involving departmental or cross-functional teams focused on the delivery of new or existing products. Plan and direct schedules and monitor budget/spending. Monitor the project from initiation through delivery. Organize the interdepartmental activities ensuring completion of the project/product on schedule and within budget constraints. Assign and monitor work of systems analysis and program staff, providing technical support and direction.
Work is non-routine and very complex, involving the application of advanced technical/business skills in area of specialization. Leading contributor individually and as a team member, providing direction and mentoring to others. BS or MS degree or equivalent experience relevant to functional area. Seven years of project management, product design or related experience preferred.
Job: *Product Development
Title: Senior Assurance Engineer
Location: United States
Requisition ID: 20000V2X