- Develop detailed audit execution plans
- Work with multiple teams and personnel to gather audit evidence within specified timelines
- Report on audit status and corresponding problems to management
- Plan and execute service gap assessments reviews as assigned
- Identify, interpret, and evaluate Information Security risks and translate those into Business Risks
- Advise technical team members on methodologies to be compliant with a given set of controls
- Present findings to audited technical teams and negotiate suggested action plans
- Maintain solid fundamental understanding of Oracle Cloud services at a technical
- Foster a positive work environment by soliciting feedback from colleagues and developing the skills of staff auditors
- Provide feedback and support to update and maintain audit processes
- Promote a risk-conscientious environment; ensure efficient and effective risk and compliance management practices by adhering to required standards and practices
- Other duties as assigned
- Bachelor's Degree in Business Administration, Computer Science, Information Systems Administration an alternative technology related field.
- 3-5 years of Information Security, Internal Audit, or relevant IT experience.
- Knowledge of at least one of the following compliance frameworks: SSAE 16 SOC 1, SOC 2, ISO27001/ISO27002, PCI-DSS, or HIPAA.
- Knowledge of Cloud delivery models
- Good understanding and knowledge of business risks related to IT system general controls, systems / applications development, change management, logical access security, security technologies, local area network and wide area network concepts, contingency and recovery.
- Working knowledge of technology infrastructure (UNIX and Windows environments, Routers Firewalls, Networking protocols, Encryption, Cloud Services, Encryption, and/or Data Loss Prevention products).
- Can communicate well with virtual teams
- Excellent analytic, oral and written communication skills
- Open travel requirements (25%) with occasional travel overseas
- Prior experience with Cloud delivered services
- Experience with Sarbanes-Oxley preferred
- CISA, CISSP, CISM, or other relevant certification preferred
- HIPPA Experience a key requirement.
- Previous experience in compliance consulting
Executes security controls to prevent hackers from infiltrating company information or jeopardizing e-commerce programs.
Researches attempted efforts to compromise security protocols. Maintains security systems for routers and switches. Administers security policies to control access to systems. Maintains the company's firewall. Uses applicable encryption methods. Provides information to management regarding the negative impact on the business caused by theft, destruction, alteration or denial of access to information.
Leading contributor individually and as a team member, providing direction and mentoring to others. Work is non-routine and very complex, involving the application of advanced technical/business skills in area of specialization. Prefer 8 years relevant experience and BA/BS degree.Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans status or any other characteristic protected by law.
A little about us:
Oracle is shifting the complexity from IT, moving it out of the enterprise by engineering hardware and software to work together—in the cloud.