Oracle Product Engineering & Operations Security Compliance Analyst in Boston, Massachusetts

Product Engineering & Operations Security Compliance Analyst

Preferred Qualifications

Department Description

As a function of Cloud Services Risk Management, the Governance and Risk team addresses security requirements for hosted customers to meet their compliance needs while ensuring that services are offered in conformance with Oracle policies and to the highest recognized security standards and practices. The team liaises with several organizations within Oracle’s Global Information Technology, Global Information Security, Cloud Security, and Legal teams to achieve its goals and objectives.

Brief Posting Description

Assesses security control implementation and ensures compliance with contractual terms to maintain the security posture of hosted environments.

Job Description

Candidates for this position will:

  • Analyze customer contracts to obtain a complete understanding of terms related to security, compliance, and privacy

  • Assess implemented security, compliance, and privacy controls within customer environments to ensure compliance with contracted terms

  • Identify gaps in term compliance

  • Utilize advanced technical skills to recommend appropriate technical control implementation options to security operations and development teams

  • Track ongoing compliance status of contracted security, compliance, and privacy customer terms via dashboards, metrics, reports and other scalable program management processes

  • Communicate current security posture and contractual term compliance to Oracle customers, auditors, and executive leadership

  • Support 3 rd party and customer audits of implemented security controls

  • Work as a lead contributor individually, and as a team member, providing direction and mentoring to others as needed/requested

  • Complete other duties as assigned

Basic Qualifications:

  • 5 years of experience with information assurance, security control application & assessment

  • Experience with network vulnerability assessment and protection

  • Knowledge of Compliance frameworks (e.g., ISO 27001, FedRAMP, SOC, HIPAA, PCI)

  • Information Assurance/Security/Network Certifications, including CISM, CISA, CISSP preferred

  • Bachelor’s Degree in Information Systems, Computer Science, or equivalent

  • Ability to work independently

  • Exceptional communication and presentation skills

  • Ability to travel for up to 20% of the time

Additional Qualifications:

  • 8 years of experience in a professional work environment

  • Knowledge of DISA STIGs, Security Checklists, SRRs, etc.

  • Knowledge of Windows, Solaris, and Linux Security controls and policies

  • Knowledge of interface and networking components

  • Experience with Internet security probing and scanning tools

  • Contracts experience

  • Project/Program Management Experience

  • Comprehensive understanding of Oracle Cloud products

  • Cloud security, operations, and/or development experience

  • Ability to identify, implement and discuss complex technical security controls with subject matter experts

Detailed Description and Job Requirements

Executes security controls to prevent hackers from infiltrating company information or jeopardizing e-commerce programs.

Researches attempted efforts to compromise security protocols. Maintains security systems for routers and switches. Administers security policies to control access to systems. Maintains the company’s firewall. Uses applicable encryption methods. Provides information to management regarding the negative impact on the business caused by theft, destruction, alteration or denial of access to information.

Leading contributor individually and as a team member, providing direction and mentoring to others. Work is non-routine and very complex, involving the application of advanced technical/business skills in area of specialization. Prefer 8 years relevant experience and BA/BS degree.

Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans status or any other characteristic protected by law.

Job: Information Technology

Location: US-CA,California-Redwood City

Other Locations: US-CO,Colorado-Denver, US-MT,Montana-Bozeman, US-MA,Mass-Cambridge, US-CA,California-Pleasanton, US-CA,California-Santa Clara, US-TX,Texas-Austin, US-WA,Washington-Bellevue

Job Type: Regular Employee Hire

Organization: Oracle