Oracle

As a member of the Consulting organization, you are responsible for ensuring that a quality, integrated software solution is delivered in a timely manner, at budget, and to our client's satisfaction. This involves working closely with the client to understand and manage their expectations, as well as working closely with Oracle and third-party vendors to ensure delivery.

Provide engagement delivery services both as an individual and as a team member. Services include identifying needs, developing, influencing and implementing proposals. Able to lead, support and participate on project teams.

Job duties are varied and complex that need independent judgment. May have project lead role. A BS or BA in related fields. 7-9 years overall experience in functional or technical role. Two years experience in multi-dimensional issue resolution. Ability to communicate effectively. Ability to build rapport with team members and clients. Willing to travel regionally with some national travel.

Job Role

Consulting Security Lead [CSL]

Job Profile

Consulting is accountable for security assurance of what it delivers to its customers.

Consulting will be responsible for Oracle Software and Security Assurance [OSSA] compliance of any design, configurations, data migrations, integrations or custom coded modules/reports executed by Oracle Consultants as part of service delivery. 

The Consulting Security Lead (CSL) plays a critical role in Consulting for planning and managing the security compliance activities of a Consulting division.

• Five+ years technical and/or code development background sufficient to allow the CSL to knowledgeably communicate with and monitor the training and compliance activities of division CSS personnel and project code developers
• Project or program management experience
• Four+ years in roles that provided significant exposure to IT security standards and/or compliance activities
• Good knowledge of cloud technology and security with exposure to Oracle products
• Excellent communication and people management skills
• Excellent cross-LOB collaboration skills

Responsibilities

• Provides Security Assurance/OSSA program oversight & leadership within the division/region
• The CSL is responsible for leading the security compliance effort within their division/region
• Motivating the organization to adhere to security assurance practices.
• The CSL works with Global Product Security (GPS), Security Program Management (SPM) to evaluate compliance with OSSA for Consulting standards
• The CSL is responsible for ensuring that all activity is compliant with all security assurance procedures
• Arranges for selection, training, management, and assignment to projects of Consulting Security Specialists (CSS) along with PM
• Single point of contact and update status to divisional/regional management and SPM
• Coordinate changes to bid preparation to include required Security Assurance labor hours
• Mentor and train consulting security specialist, bid and project teams on the security assurance requirements
• Coordinate Security Assurance communications:
• Messaging: keep security to-of-mind with the field
• Promote & support CSL/CSS community
• Spread the word in other professional communities inside organization
• Keep division management & GPS up to date on rollout progress

Detailed Job Description

Follow and executes programs and processes to reduce information security risk and strengthen security posture.

Supports the strengthening of project security posture, focusing on one or more of the following: risk management; regulatory compliance; threat and vulnerability management; security policy enforcement; privacy; security education and similar focus areas.

Risk Management: Assesses the information security risk associated with respect to consulting service delivery and solution deployment. May assist in formulation of mitigation options.

Security Planning: Ensure project security activities and assurance review are planned in all the projects in the Division

Design Review: Help PM and other security staffs to perform security design review of solution in scope and provide recommendations.

Regulatory Compliance: Ensure projects are in compliance to industry and government standards and regulations, e.g. ISO-27001, PCI-DSS, HIPAA, FedRAMP, GDPR, etc. 

Threat and Vulnerability Management: May evaluate and track information security threats and vulnerabilities related to solution delivered to the customers

Other areas of focus may include duties managing Security Education, Training and Awareness programs, compile’s information and reports for management.

Minimum of 11 years’ experience in information systems, development, consulting or related fields, 4+ years of which must be from at least one of the following: Information security risk management; information security program management; Industry/Government security compliance program management (ISO-27001, GDPR, HIPAA, FedRamp, etc.); threat and vulnerability management; security policy development and enforcement; privacy, information security education, training and awareness (ISETA), information security solutions development, etc. required.

Qualification

Bachelor-level university degree in a relevant field from an accredited university or equivalent.

Desirable Certifications

• CISSP, CSSP, CSSLP, CISM, CISA, CIPP, CCSK, CEH or other equivalent certification. Any one of these is mandatory
• Experience managing security incidents and vulnerabilities through their life cycle. 
• Knowledge of secure software design principles and the software development life cycle.
• Experience with at least 1 or more of the vulnerability scanning and testing tool (Qualys, Burp Suite, Appspider etc.).

An Oracle career can span industries, roles, Countries and cultures, giving you the opportunity to flourish in new roles and innovate, while blending work life in. Oracle has thrived through 40+ years of change by innovating and operating with integrity while delivering for the top companies in almost every industry.

In order to nurture the talent that makes this happen, we are committed to an inclusive culture that celebrates and values diverse insights and perspectives, a workforce that inspires thought leadership and innovation.

Oracle offers a highly competitive suite of Employee Benefits designed on the principles of parity, consistency, and affordability. The overall package includes certain core elements such as Medical, Life Insurance, access to Retirement Planning, and much more. We also encourage our employees to engage in the culture of giving back to the communities where we live and do business.

At Oracle, we believe that innovation starts with diversity and inclusion and to create the future we need talent from various backgrounds, perspectives, and abilities. We ensure that individuals with disabilities are provided reasonable accommodation to successfully participate in the job application, interview process, and in potential roles. to perform crucial job functions.

That’s why we’re committed to creating a workforce where all individuals can do their best work. It’s when everyone’s voice is heard and valued that we’re inspired to go beyond what’s been done before.

Oracle is an Equal Employment Opportunity Employer*. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans’ status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law.

• Which includes being a United States Affirmative Action Employer