Oracle Information Security Director, Digital Forensics in Albany, New York
Manage a team that is responsible for the information security function, including but not limited to information technology security controls and architecture, information privacy, incident response/investigations and digital forensics, disaster recovery and business continuity, regulatory compliance, communication and training for information security initiatives.
Manages teams that maintain and/or implement information security policies and procedures. Manages the development, deployment and execution of controls and defenses to ensure the security and risk mitigation of company infrastructure technology and information systems. Identifies security architecture, goals, objectives and metrics; analyzes business needs and priorities for protection of critical systems. Build security programs and assurance initiatives, e.g. threat and vulnerabilities management, incident response management, management of forensic investigations. Evaluates potential business impacts from security breaches and provides strategic and tactical guidance to business decision-makers. Develops and executes security systems compliance policies and procedures. Selects, develops and evaluates personnel to ensure the efficient operation of the function.
Minimum 10 years experience in the Information Security field required. Preferred but not required qualifications include: Bachelor-level university degree in a relevant field from an accredited university, or equivalent. 6 or more years of successful management experience including 2 or more years as a second level manager. At least 1 contribution in industry event, paper or project.
This is a remote/office based position which may be performed anywhere in the United States except for within the state of Colorado.
Oracle is an Affirmative Action-Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability, protected veterans status, age, or any other characteristic protected by law.
_GENERAL DESCRIPTION AND POSITION GOAL_
Director of Digital Forensics reports to the Director, Corporate Information Security Incident Management or other manager as assigned. The incumbent assists in managing Oracle’s corporate digital forensics program, oversees forensic collection activities throughout Oracle, and personally manages highly confidential and sensitive information about legal matters, security events, and investigations. In addition, the incumbent may provide technical advice and guidance to attorneys, human resources staff, physical security personnel, security incident response teams, or other stakeholders within Oracle.
Oversee and manage a team of digital forensics specialists which perform forensic collections and analysis globally for Oracle
Assess the team capabilities and establish baselines for standardizing and improving forensic methodologies
Build, manage and develop world-class team of functional specialists to ensure the efficient operation of the function across strategic corporate programs and processes.
Build strong relationships with peers and stakeholders across relevant Oracle business units, including Legal, Physical Security, and Human Resources.
Establish KPIs for measuring forensic collection and analysis success
Serve as quality control assessor for forensic collection and analysis
Ensure proper chain of custody measures are in use and documented by the team and any parties assisting the team
Serve as forensic lab owner, ensuring lab procedures are established, followed, and that all forensic collections adhere to legal hold compliance
Review forensic analysis reports for completeness and final approval if delivery to requestor is required.
Participate and lead with forum discussions with paralegals, attorney, and other investigators as needed
Establish 3 year roadmap of continual program improvement, with tangible 1 year goals and higher level longer term goals.
Serve as subject matter expert on digital forensics with the ability to speak authoritatively with internal stakeholders
Review, organize, and improve documentation of procedures and tool usage directly and through delegation
Prepare and review annual budget to account for hardware, software, and other capital expenditures
Assign and oversee work performed in conducting forensic investigations, ensuring that work is both authorized, satisfies the requestor’s scope, and is delivered in a timely manner
Assist in development of security incident investigation capabilities using forensic tools and validation of analysis findings
Engage with other lines of business contacts within Oracle to expand capabilities for collections by establishing trusted and trained employees to serve as virtual team members
Perform other duties as assigned
University degree from an accredited college or university, or equivalent certifications
10 years of experience in information security, law enforcement or other related field, and of which 5 years is directly related to digital forensics
Ability to project credibility and confidence at all levels of the organization.
Preferred: 5 or more years of successful team management experience
Strong technical experience, including multiple operating systems and networking
Expert knowledge of industry digital forensics standards and processes.
Knowledge of Oracle systems and software preferred
Strong organizational skills and detail-orientation essential
Experience with disk encryption solutions including Microsoft Bitlocker, LUKS, TrueCrypt, VeraCrypt, McAfee or Symantec Disk Encryption
Strong presentation, written and verbal communication skills
Self-starter: doesn’t need to be micro-managed
Excellent team player
Ability to document and transfer knowledge and cross-train others
Knowledge of forensic imaging and analysis of workstations, servers, cloud compute resources, and mobile devices
Expert level experience including certification in at least one of the following:
o BlackLight and MacQuisition
o Magnet Forensics Axiom
o OpenText/Guidance EnCase
o Cellebrite Tools
o Oxygen Detective
o FTK / AccessData Enterprise
Job: *Information Security Engineering
Title: Information Security Director, Digital Forensics
Location: United States
Requisition ID: 2100032L
- Oracle Jobs