The Oracle Cloud Security & Compliance organization ensures the security and compliance of Oracle Cloud from initial design to compliance by way of security policy, processes, and procedure standards definition, assessment/audit and
certification, operation and continuous monitoring of cloud based security infrastructure.
Successful candidates for this role must be very comfortable taking a leadership role with regulatory compliance in a fast-paced organization. Candidates will be expected to lead new compliance efforts, as well as maintain existing regulatory
compliance obligations. A background in owning, leading, and managing the day-to-day compliance operations , continuous monitoring, assessment & authorization for Australian or U.S Federal Government and/or Department of Defense systems is required.
A strong working knowledge of the Australian Information Security Manual (ISM) NIST, or ISO 27001 standards is required.
Experience utilizing vulnerability management and GRC tools such as Nessus, Archer, Qualys, or similar is highly preferred.
Primary responsibilities of this role will include:
- US-based contact with regard to compliance operations within the Oracle Australian Public Sector Clouds;
- Manages IRAP assessments and ASD authorizations, documentation packages, audits and conducts analysis and results on a continuous basis;
- Evaluates regulatory compliance requirements and engages with a variety of cross functional teams;
- Key team member of engineering design and development of government cloud based systems;
- Evaluates and provides reasonable assurance that risk management, control, and governance systems are functioning as intended and will enable the organization's objectives and goals to be met;
- Reports risk management issues and internal controls deficiencies identified directly to the Cloud Regulatory Compliance Program and provide recommendations for improving the organization's operations, in terms of both efficient and effective performance;
- Evaluates information security and associated risk exposures;
- Evaluates regulatory compliance program with consultation from legal counsel;
- Evaluates the organization's readiness in case of business interruption;
- Maintains open communication with management and teams across Oracle Cloud Operations;
- Engages with other internal and external strategic resources as appropriate; and
- Evaluates applicable global standards & compliance frameworks to establish internal standards, guidelines, policies, processes, and procedures;
- Designs, develops and publishes internal program frameworks, checklists, policy, processes, procedures using creative publishing and editing software tools;
- Systematically and comprehensively documents the Government compliance program;
- ISO 27001, CISSP, CISA, CISM, PMP and other information assurance & security certifications preferred;
- Other duties as assigned;
U.S. Citizenship required. Position involves interaction with systems and data in Oracle's U.S. Government Cloud environments, access to which requires U.S. citizenship under government contracts and applicable regulations, laws and/or executive orders.
Must be able to complete one or more U.S. government background investigations and/or appropriate security clearance(s) as required by government contracts and due to applicable laws, regulations, and executive orders.
Executes security controls to prevent hackers from infiltrating company information or jeopardizing e-commerce programs.
Researches attempted efforts to compromise security protocols. Maintains security systems for routers and switches. Administers security policies to control access to systems. Maintains the company's firewall. Uses applicable encryption methods. Provides information to management regarding the negative impact on the business caused by theft, destruction, alteration or denial of access to information.
Leading contributor individually and as a team member, providing direction and mentoring to others. Work is non-routine and very complex, involving the application of advanced technical/business skills in area of specialization. Prefer 8 years relevant experience and BA/BS degree.Oracle will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of San Francisco's Fair Chance Ordinance.Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans status or any other characteristic protected by law.
Oracle is shifting the complexity from IT, moving it out of the enterprise by engineering hardware and software to work together—in the cloud.