Oracle Regulatory Compliance Specialist - REMOTE in Raleigh, North Carolina
Assists and supports the organization in complying with, as well as the ongoing preparation, testing and monitoring of conformance to, the requirements of government regulations and/or regulatory agencies.
Performs evaluation of internal operations, controls, communications, risk assessments and maintenance of documentation as related to regulatory compliance and recommends appropriate changes. Conducts and facilitates internal and external audits to identify, evaluate, disclose and appropriately remedy risks and deficiencies. Coordinates the preparation of and may prepare document packages for regulatory submissions from all areas of company as well as for internal and external audits and inspections. May serve as point of contact for interactions with regulatory agencies for defined matters. Respond to security related requests and RFPs . Update and maintain internal and externally facing security documentation. Coordinate and facilitate 3rd party audit activities. Maintain and track required security training for the GBUS. Maintain and update security and compliance reporting. Facilitate vendor security assessments as needed. Manage security and compliance related projects for the GBUs.
Job duties are varied and complex utilizing independent judgment. Ability to travel. 5 plus years experience. BA/BS or advanced degree preferred. CISA, CISM, CISSP, CIPP desired. Experience with IT auditing and controls, preferable with SOX, SSAE 16 - SOC 1 & SOC 2, PCI compliance, NIST, DIACAP, FedRAMP, ISO 27001 & ISO 27002. Have an understanding of security standards and risk management. Excellent written and verbal communication skills. Ability to adjust and adapt to changing priorities in a dynamic environment. Technical acumen and the ability to understand and interpret technical specifications. Technical knowledge of Oracle Applications and Database and/or infrastructure components. Project Management Skills.
Oracle is an Affirmative Action-Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability, protected veterans status, age, or any other characteristic protected by law.
Regulatory Compliance Specialist - REMOTE
Job Location: United States with a preference for Morrisville, NC (must be willing to travel 25% to Morrisville, NC if NOT local)
NOTE: We are unable to provide visa sponsorship for this role at this time. No candidates requiring visa sponsorship will be considered.
Cloud Foundation Services (CFS) is a strategic component for providing critical cloud services to multiple Oracle Global Business Unit applications. Oracle Cloud Infrastructure (OCI), Oracle s second generation Infrastructure as a Service (IaaS), provides improved performance and reliability. CFS provides a microservice-driven platform, software delivery tool chain, and a continuous integration/continuous delivery operations model to support high margin, highly elastic, and highly available Software as a Service (SaaS) applications.
The CFS Compliance Engineering is part of the larger CFS Security and Compliance Engineering organization dedicated to the ongoing security of Oracle SaaS applications running in the GBU Cloud Native Environments. Applying expertise and leadership in security compliance, risk management and best practices the CFS Compliance Engineering team collaborates with a variety of other teams within the organization to ensure the CFS Cloud Native environment maintains a sustainable and high-quality approach to managing security compliance.
_Roles & Responsibilities_
As a member of the CFS Compliance Engineering team, you will be responsible for the development, deployment, monitoring and governance of one or more security compliance programs for the Cloud Foundation Services organization. In this security role, you will work closely with other corporate and business stakeholders to apply industry standard best practices while formalizing programs that support strategic, tactical and operational security objectives of CFS in support of all GBU SaaS applications. As a technically competent self-starter with strong communication and project management skills you will report to the Director of CFS Compliance Engineering.
Provides subject matter expertise in one or more compliance frameworks within CFS
Provides technical guidance to the engineering team within the organization
Develop risk management framework information assurance documentation
Help in evaluating relevant global standards, compliance frameworks and regulations to analyze existing controls; identify areas for improvement; and design control growth
Help support internal/external audits and evidence collection
Participate in defining, collecting and tracking various Security Metrics
Write knowledge base documents to improve operations, SOP and overall compliance goals
2 years cybersecurity, information security, assurance or related experience
1 years of hands-on experience with, and strong understanding of, one or more regulatory compliance frameworks such as GDPR, ISO, SOC1/2, PCI-DSS, HIPAA and FedRAMP
Experience securing cloud-based systems and solutions
Knowledge of security best practices related to Network, Deployments, Systems and applications
Knowledge of authentication and security protocols, cryptography, and application security
Knowledge of security tools and solutions such as Firewalls, IPS, Encryption and security monitoring, etc.
Experience in developing, reviewing, updating system documentation in support of compliance efforts
Strong understanding of software development lifecycles and modern cloud environments
Ability to multitask and handle changing priorities
Ability to work well under pressure and to meet tight deadlines
High level of motivation, confidence, integrity and responsibility
Strong analytical and critical thinking skills
Strong organizational, written and verbal communication skills; ability to present analysis and conclusions with clarity and professionalism with all levels of management
Ability to work closely with cross-functional stakeholders
BS or MS in either Information Security, Computer Science, Information Management Systems, or related field or equivalent work experience
Knowledge of modern microservices architectures and technology (i.e. Docker, Kubernetes)
Knowledge of network protocols (e.g., TCP/IP, UDP, DHCP, DNS, HTTP, HTTPS)
Experience working with Agile teams and DevOps models
Experience with secure coding standards
Experience working with at least two of the following languages (Python, Golang, Perl or Java)
Job: *Business Operations
Title: Regulatory Compliance Specialist - REMOTE
Location: United States
Requisition ID: 19001CQF
- Oracle Jobs