Oracle Sr Security Compliance Analyst in Hato Rey, Puerto Rico

Executes security controls to prevent hackers from infiltrating company information or jeopardizing e-commerce programs.

Researches attempted efforts to compromise security protocols. Maintains security systems for routers and switches. Administers security policies to control access to systems. Maintains the company*s firewall. Uses applicable encryption methods. Provides information to management regarding the negative impact on the business caused by theft, destruction, alteration or denial of access to information.

Job duties are varied and complex; independent judgment needed. May have project lead role. Prefer 5 years relevant experience and BA/BS degree.

Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans status or any other characteristic protected by law.

Are you tired ofworking as the token security guy , finding issues and being told great, butthat would impact production, so no thanks ? Working with the same staletechnologies? Being slave to a clock? Being isolated from othersecurity-minded folk like you?

Oracle Data Cloud (ODC)has a number of openings for senior security professionals with wide varietiesof experience. Come for the money, hang out for the foosball andping-pong, and invest in yourself and Oracle with the training and growthopportunities available. (Tired of missing Black Hat?)

Work for a team that ismore interested in accomplishment than punching in a clock, supportswork-from-home (to varying degrees depending on role) and gets to play withcool new technologies in an environment which is cloud-heavy across multipleenvironments.

This Senior ITCompliance Security position is the least hands on of all our currentopenings, meaning you aren t going to be told to go deploy an enterprise IDSsystem any time soon. The opportunities are there, but for these jobs weare looking for people who have been around security awhile, maybe were once thatguy who engineered everything, but is now more interested in the complianceand governance side of security with a small organization inside a hugecompany. (Think: the popular table in the lunch room)

The primary focus willbe system design and user story reviews for security compliance and technicalremediation, which will involve becoming familiar with Oracle securitypractices and policies, as well as established frameworks.

These people will berequired to dig into Oracle Data Cloud (ODC) technologies, and provide securityengineering recommendations, requirements and direction to non-securitydevelopment, infrastructure and analytics teams.

Specificresponsibilities may include:

Monitor ticketing system queue for newproducts and initiatives within the Development, Infrastructure and Analyticsorganizations

Review project proposals,proof-of-concept designs and pilot implementations for compliance with securitystandards and policies, such as:

o Proper authentication

o Requisite encryption

o Security key and credential handling and management

o Aggressive rights control management

o Data isolation requirements

o Logging and retention of applications andinfrastructure components

o Cloud-to-cloud security concerns

o Other BS developers and product managers try to slidepast you

Constant review of existing securitycapabilities, and make recommendations for program augmentation

Other opportunities within the securityteam (engineering, architecture, operations, auditing, ethical hacking) asskills allow and interest dictates

Skills and Qualifications:

The ideal candidatewill be a strong, well-rounded security professional comfortable in some or allof: Windows, Linux, network, data and application security, and will be strongon most of the areas listed below.

Candidates, while notrequired to be keyboard-level technologists, must be comfortable goingtoe-to-toe with the best and brightest technical people in the industry whendiscussing security controls.

Strong understanding ofthe concepts below; the more the merrier:

Windows administration, engineering andarchitecture

Linux administration, engineering andarchitecture

Amazon AWS (or other cloud) familiarity

o Security groups

o Deploying AMIs

o Working with AWS policy

o Working with IAM


o (Don t worry. If you don t have this one, we llget you up to speed, but if you have it, consider yourself at an advantage.)

Web experience

o Familiar front- and back-end website technologies

Vulnerability scanning

Must communicate effectively

Check your ego at the office door, youneed to work effectively with many people, and your effectiveness will bedirectly tied to your knowledge of security and your ability to apply socialengineering to your coworkers to ensure successful projects. DBAD

Active CISSP, CISE orequivalent required (please provide your certification #), and 5 years experience in information security required.

Job: *Information Technology

Organization: *Oracle

Title: Sr Security Compliance Analyst

Location: VA,Virginia-Reston

Requisition ID: 1800033M

Other Locations: United States