Oracle Principal IT Security Compliance Analyst - Cloud in Seattle, Washington

Principal IT Security Compliance Analyst - Cloud

Preferred Qualifications

The

Oracle Cloud Compliance team ensures the security and compliance of Oracle

Cloud from initial design to compliance by way of security policy,

processes, and procedure standards definition, assessment/audit and

certification, operation and continuous monitoring of cloud based security

infrastructure. Successful candidates for this position must be very

comfortable taking a leadership role with regulatory compliance in a

fast-paced organization.

The

primary focus of this role will be to manage and continually improve Oracle

Cloud’s certified Information Security Management System; including expanding

the control set from other relevant codes of practices (including ISO27017

& ISO27018). Secondly, the candidate will analyse and assess the legal,

regulatory and industry standard requirements relevant to providing Cloud

services throughout the EMEA/APAC region.

Responsibilities:

  • Coordinating

Cloud Compliance activities across the EMEA Region;

  • To manage

and develop the Information Security Management System (ISMS) in compliance

with ISO27001 certification requirements;

  • Responsible

for ensuring that any Cloud business practices within the Region do not

compromise the confidentiality, integrity or availability of the Cloud's

information assets;

  • Responsible

for understanding Cloud's information security risk appetite and how this may

evolve;

  • Responsible

for managing business information security risks; ensuring that adequate

controls are defined, owned and implemented to reduce risks to an acceptable

level;

  • Responsible

for monitoring the effectiveness of Cloud's information security arrangements;

coming up with improvement plans where necessary within the Region;

  • Responsible

for reporting on the effectiveness of information security arrangements

in Cloud throughout the Region;

  • Providing

expert advice on internal and third party Information Security matters as they

relate to Cloud’s information assets;

  • Responsible

for engaging with staff so they are aware of, and understand their information

security responsibilities as employees; and

  • Responsible

for creating and promoting a culture of fit for purpose Information Security

practices within Cloud throughout the Region.

Experience:

  • Experience

in performing a similar role as an Information Security Manager;

  • Knowledge

of data protection principles and experience in facilitating data

protection audits and recommending fit for purpose compliance regimes;

  • Background

in Information Security with good working knowledge of Information Security

principles;

  • Proven

track record of managing ISO27001 certified Information Security Management

Systems;

  • Strong

ability in developing and applying Risk Management frameworks;

  • Experience

of working with or as part of an Internal Audit function;

  • Excellent

experience of stakeholder engagement;

  • Experience

in developing and documenting Information Security Policies, Standards and

Processes;

  • Proven

experience of developing and delivering Information Security awareness training

to others;

  • Well-developed

communication and interpersonal skills;

  • A

positive attitude towards work and able to keep motivated with little or no

supervision; and

  • Information

Security certifications such as M.Inst.ISP, CISSP or ISO27001 Lead

Auditor/Implementer are desirable but not essential.

Detailed Description and Job Requirements

Executes security controls to prevent hackers from infiltrating company information or jeopardizing e-commerce programs.

Researches attempted efforts to compromise security protocols. Maintains security systems for routers and switches. Administers security policies to control access to systems. Maintains the company’s firewall. Uses applicable encryption methods. Provides information to management regarding the negative impact on the business caused by theft, destruction, alteration or denial of access to information.

Leading contributor individually and as a team member, providing direction and mentoring to others. Work is non-routine and very complex, involving the application of advanced technical/business skills in area of specialization. Prefer 8 years relevant experience and BA/BS degree.

Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans status or any other characteristic protected by law.

Job: Information Technology

Location: US-CA,California-Redwood City

Other Locations: United States, US-WA,Washington-Bellevue, US-WA,Washington-Seattle, US-CA,California-San Jose

Job Type: Regular Employee Hire

Organization: Oracle