The IT Security Analyst for Global IT Risk Management (GIT RM) will join a team that ensures Global Information Technology systems, services, and sites are secure and compliant with Oracle Policies and GIT standards, regulatory and customer requirements.
This position may assist in key programs and projects to assess remediation and improve the risk posture, security and compliance of GIT services. The position may conduct assessments programs which utilize standard frameworks to evaluate the risks, security and the compliance of GIT services and to provide remediation guidance. The position is part of a team that is responsible for managing key security processes related to access, audit and compliance, as well as identifying and implementing technology and automation to assist with these assessments. Additional responsibilities will include key programs such as Standards documentation, Metrics, Awareness, Communications, and Reporting the status of services from a risk, security, compliance and continuity perspective.
The IT Security Analyst executes security controls to prevent hackers from infiltrating company information or jeopardizing e-commerce programs; provides information to management regarding the negative impact on the business caused by theft, destruction, alteration or denial of access to information; manage GIT Security Standards Library; and performs other duties as needed.
Location: Preferred locations are Orlando FL, Columbia MD and Lehi, UT. Other locations may be considered.
- 5 years experience developing, publishing and maintaining Information Security Policies, Standards & Procedures which includes hosting, networking, and client computing environments.
- 5 years IT Audit or Risk Management experience which includes hosting, networking, and client computing environments.
- 5 years of IT Security experience across multiple platforms, OS's, software, and network protocols.
- Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM) and Certified Information Systems Security Professional (CISSP) certifications are a plus.
- Bachelors Degree and/or Masters Degree in related field of study preferred.
- Excellent communication skills, analytical capability, judgment, self-driven, multi-tasking, proactively, and willingness to adapt to change in dynamic, global environment are critical.
- Understanding of information security risk management concepts, frameworks and standards (ISO, UCF, NIST, PCI, HIPAA).
- Understanding of information technology auditing concepts, frameworks and standards.
- Knowledge of international regulations and requirements related to information security risk management.
- Broad technical background in infrastructure and applications - especially Oracle components.
- Business savvy including the ability to see the big picture and the ability to effectively influence others.
Executes security controls to prevent hackers from infiltrating company information or jeopardizing e-commerce programs.
Researches attempted efforts to compromise security protocols. Maintains security systems for routers and switches. Administers security policies to control access to systems. Maintains the company's firewall. Uses applicable encryption methods. Provides information to management regarding the negative impact on the business caused by theft, destruction, alteration or denial of access to information.
Leading contributor individually and as a team member, providing direction and mentoring to others. Work is non-routine and very complex, involving the application of advanced technical/business skills in area of specialization. Prefer 8 years relevant experience and BA/BS degree.Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans status or any other characteristic protected by law.
A little about us:
Oracle is shifting the complexity from IT, moving it out of the enterprise by engineering hardware and software to work together—in the cloud.