Oracle Senior Information Security Compliance Engineer in Santa Clara, California
Executes security controls to prevent hackers from infiltrating company information or jeopardizing e-commerce programs.
Researches attempted efforts to compromise security protocols. Maintains security systems for routers and switches. Administers security policies to control access to systems. Maintains the company*s firewall. Uses applicable encryption methods. Provides information to management regarding the negative impact on the business caused by theft, destruction, alteration or denial of access to information.
Job duties are varied and complex; independent judgment needed. May have project lead role. Prefer 5 years relevant experience and BA/BS degree.
Oracle is an Affirmative Action-Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability, protected veterans status, age, or any other characteristic protected by law.
Senior Information Security *Compliance Engineer*
Location: United States with a preference for Morrisville, NC (must be willing to travel 25% to Morrisville, NC if NOT local)
NOTE: We are unable to provide visa sponsorship for this role at this time. No candidates requiring visa sponsorship will be considered.
Cloud Foundation Services (CFS) is a strategic component for providing critical cloud services to multiple Oracle Global Business Unit applications. Oracle Cloud Infrastructure (OCI), Oracle s second generation Infrastructure as a Service (IaaS), provides improved performance and reliability. CFS provides a microservice-driven platform, software delivery tool chain, and a continuous integration/continuous delivery operations model to support high margin, highly elastic, and highly available Software as a Service (SaaS) applications.
The CFS Compliance Engineering is part of the larger CFS Security and Compliance Engineering organization dedicated to the ongoing security of Oracle SaaS applications running in the GBU Cloud Native Environments. Applying expertise and leadership in security compliance, risk management and best practices the CFS Compliance Engineering team collaborates with a variety of other teams within the organization to ensure the CFS Cloud Native environment maintains a sustainable and high-quality approach to managing security compliance.
_Roles & Responsibilities_
As a member of the CFS Compliance Engineering team, you will be responsible for the development, deployment, monitoring and governance of one or more security compliance programs for the Cloud Foundation Services organization. In this security role, you will work closely with other corporate and business stakeholders to apply industry-standard best practices while formalizing programs that support strategic, tactical and operational security objectives of CFS in support of all GBU SaaS applications. As a technically competent self-starter with strong communication and project management skills, you will report to the Director of CFS Compliance Engineering.
Routinely acts as a subject matter expert in one or more compliance frameworks within CFS
Provides technical guidance and leadership to the technical engineers within the organization.
Develop risk management framework information assurance documentation
Help in evaluating relevant global standards, compliance frameworks and regulations to analyze existing controls; identify areas for improvement; and design control growth
Help support internal/external audits and evidence collection
Participate in defining, collecting and tracking various Security Metrics
Write knowledge base documents to improve operations, SOP and overall compliance goals
5-7 years cyber security, information security or information assurance experience
3-5 years of hands-on experience with, and a strong understanding of, several regulatory compliance frameworks such as GDPR, ISO, SOC1/2, PCI-DSS, HIPAA and FedRAMP
Experience securing cloud-based systems and solutions
Strong understanding of security best practices related to Network, Deployments, Systems and applications
Strong understanding of authentication and security protocols, cryptography, and application security
Knowledge of security tools and solutions such as Firewalls, IPS, Encryption and security monitoring, etc.
Experience in developing, reviewing, updating system documentation in support of compliance efforts
Strong understanding of software development lifecycles and modern cloud environments
Ability to multitask and handle changing priorities
Ability to work well under pressure and to meet tight deadlines
High level of motivation, confidence, integrity and responsibility
Strong analytical and critical thinking skills.
Strong organizational, written and verbal communication skills; ability to present analysis and conclusions with clarity and professionalism with all levels of management
Ability to work closely with cross-functional stakeholders
BS or MS in either Information Security, Computer Science, Information Management Systems, or related field or equivalent work experience
Knowledge of modern microservices architectures and technology (like Docker, Kubernetes, etc.)
Knowledge of network protocols (e.g., TCP/IP, UDP, DHCP, DNS, HTTP, HTTPS)
Experience working with Agile teams and DevOps models
Experience with secure coding standards
Experience working with at least two of the following languages (Python, Golang, Perl or Java)
Job: *Information Technology
Title: Senior Information Security Compliance Engineer
Location: United States
Requisition ID: 190016KH
- Oracle Jobs