Oracle Principal IT Security Compliance Analyst - Cloud in Sandy, Utah
Executes security controls to prevent hackers from infiltrating company information or jeopardizing e-commerce programs.
Researches attempted efforts to compromise security protocols. Maintains security systems for routers and switches. Administers security policies to control access to systems. Maintains the company s firewall. Uses applicable encryption methods. Provides information to management regarding the negative impact on the business caused by theft, destruction, alteration or denial of access to information.
Leading contributor individually and as a team member, providing direction and mentoring to others. Work is non-routine and very complex, involving the application of advanced technical/business skills in area of specialization. Prefer 8 years relevant experience and BA/BS degree.
Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans status or any other characteristic protected by law.
TheOracle Cloud Compliance team ensures the security and compliance of OracleCloud from initial design to compliance by way of security policy,processes, and procedure standards definition, assessment/audit andcertification, operation and continuous monitoring of cloud based securityinfrastructure. Successful candidates for this position must be verycomfortable taking a leadership role with regulatory compliance in afast-paced organization.
Theprimary focus of this role will be to manage and continually improve OracleCloud s certified Information Security Management System; including expandingthe control set from other relevant codes of practices (including ISO27017& ISO27018). Secondly, the candidate will analyse and assess the legal,regulatory and industry standard requirements relevant to providing Cloudservices throughout the EMEA/APAC region.
-[if !supportLists]-> -[endif]->CoordinatingCloud Compliance activities across the EMEA Region;
-[if !supportLists]-> -[endif]->To manageand develop the Information Security Management System (ISMS) in compliancewith ISO27001 certification requirements;
-[if !supportLists]-> -[endif]->Responsiblefor ensuring that any Cloud business practices within the Region do notcompromise the confidentiality, integrity or availability of the Cloud'sinformation assets;
-[if !supportLists]-> -[endif]->Responsiblefor understanding Cloud's information security risk appetite and how this mayevolve;
-[if !supportLists]-> -[endif]->Responsiblefor managing business information security risks; ensuring that adequatecontrols are defined, owned and implemented to reduce risks to an acceptablelevel;
-[if !supportLists]-> -[endif]->Responsiblefor monitoring the effectiveness of Cloud's information security arrangements;coming up with improvement plans where necessary within the Region;
-[if !supportLists]-> -[endif]->Responsiblefor reporting on the effectiveness of information security arrangementsin Cloud throughout the Region;
-[if !supportLists]-> -[endif]->Providingexpert advice on internal and third party Information Security matters as theyrelate to Cloud s information assets;
-[if !supportLists]-> -[endif]->Responsiblefor engaging with staff so they are aware of, and understand their informationsecurity responsibilities as employees; and
-[if !supportLists]-> -[endif]->Responsiblefor creating and promoting a culture of fit for purpose Information Securitypractices within Cloud throughout the Region.
-[if !supportLists]-> -[endif]->Experiencein performing a similar role as an Information Security Manager;
-[if !supportLists]-> -[endif]->Knowledgeof data protection principles and experience in facilitating dataprotection audits and recommending fit for purpose compliance regimes;
-[if !supportLists]-> -[endif]->Backgroundin Information Security with good working knowledge of Information Securityprinciples;
-[if !supportLists]-> -[endif]->Proventrack record of managing ISO27001 certified Information Security ManagementSystems;
-[if !supportLists]-> -[endif]->Strongability in developing and applying Risk Management frameworks;
-[if !supportLists]-> -[endif]->Experienceof working with or as part of an Internal Audit function;
-[if !supportLists]-> -[endif]->Excellentexperience of stakeholder engagement;
-[if !supportLists]-> -[endif]->Experiencein developing and documenting Information Security Policies, Standards andProcesses;
-[if !supportLists]-> -[endif]->Provenexperience of developing and delivering Information Security awareness trainingto others;
-[if !supportLists]-> -[endif]->Well-developedcommunication and interpersonal skills;
-[if !supportLists]-> -[endif]->Apositive attitude towards work and able to keep motivated with little or nosupervision; and
-[if !supportLists]-> -[endif]->InformationSecurity certifications such as M.Inst.ISP, CISSP or ISO27001 LeadAuditor/Implementer are desirable but not essential.
Job: *Information Technology
Title: Principal IT Security Compliance Analyst - Cloud
Location: CA,California-Redwood City
Requisition ID: 18000X2Y
Other Locations: United States, US-WA,Washington-Bellevue, US-WA,Washington-Seattle, US-CA,California-San Jose