As a function of Cloud Security Risk Management, Security Compliance Operations team supports Oracle customers subscribed to Cloud Security Services to meet their compliance needs while ensuring that services are offered in conformance to Global Information Security policies and to the highest recognized security standards and practices. The team liaises with several organizations within Commercial IT, Global IT, ACS/OMCS, Global Information Security and Legal teams to achieve its goals and objectives.
The candidate will have experience managing major initiatives driving change and disseminating information across lines of businesses and who is comfortable communicating and presenting content to internal or customer executives. Exposure to an understanding of Cloud services model is preferred.
Key responsibilities include:
- Execute different types of security assessments such as vulnerability scans, web application scans, firewall and network reviews, penetration testing, database risk assessments, etc.
- Prepare customer-facing reports on risks resulting from Internal and/or external security assessments
- Define, document, maintain, communicate security services for Cloud Services
- Support security audit activity related to Sarbanes Oxley, SSAE 16 and ISAE, PCI, HIPAA, 21 CFR Part, etc.
- Manage the delivery of Managed Security Services to ensure that contracted entitlements are delivered as agreed.
- Other ad-hoc projects as necessary
- Possess an understanding of security standards and risk management
- Have technical background and experience
- Have basic OS Unix/Linux and Database skills
- Have experience with Vulnerability Management tools (Nessus/ Qualys)
- Have excellent written and verbal communication skills
- Possess the ability to adjust and adapt to changing priorities in a dynamic environment
- Be able to multi-task, and be pro-active in addressing issues and requests quickly
- Possess technical acumen and the ability to understand and interpret technical specifications
- Possess Project Management Skills
- Previous experience in Information Security desired
- Professional certification related to information security desired
- Technical knowledge of Oracle Applications and Database and infrastructure components desired.