A daily email of jobs matching your skills and preferences.Sign Up 👋
Security Analyst 5
Information Security Engineer
06/18/2021, 07:52 AM
12/15/2021, 07:52 AM
Applicants are required to read, write, and speak the following languages
Visa / work permit sponsorship is not available for this position
ACS Managed Security Services (MSS) mission is to Increase Oracle's Value Potential in the Managed Services market by providing a Managed Security and Compliance COE that draws together the existing Oracle Tooling, Cloud Services and Oracle Professional Services to build a holistic thoughtful Security and Compliance Offering tailored to the customers' needs in the Hybrid cloud environment.
Our MSS team is constantly evolving our capabilities on Oracle's Gen2 Cloud platform. We are looking for Security Technical Account Managers to help our customers to better understand their Hybrid cloud environment and more importantly that can assist them in building a holistic Security and Compliance program that will improve their ability to further adopt cloud technology. The ideal candidate will have demonstrable experience in solving business problems, engaging with product development and other partner organizations to drive and integrate required solutions.
Handle technical interactions with prospective clients and customers
Conduct workshops with both Technical as well as Business users to define and showcase the value provided by Oracle Cloud Platform and MSS Services.
Development and delivery of a customer-specific MSS Service Strategy as defined in workshops.
Support ACS Pre-Sales team in incorporating the customer specific MSS Service Strategy into Security Service Sales.
Work closely with clients, either from a technical and non-technical standpoint, delivering solutions that fulfill or exceed their requirements.
Use deep customer understanding to deliver a competitive advantage
Demonstrate commercial acuity when engaging and advising a customer
Provide MSS Product Management team with inputs from the field / customer interactions that can be used to further evolve the MSS Service Portfolio such that it is in alignment with customer needs and expectations.
Engage with ACS Marketing teams to provide inputs and support for MSS Marketing strategy and campaigns.
Engage with key business partners to understand requirements, perform business analysis, and architect / design security solutions.
Support and collaborate with partner teams (OCS, OCI Security, SaaS Security, IT, security operations, corporate governance, product development, etc.) on technical security & risk considerations.
Maintain a thoughtful connection to evolving solutions within Oracle, among industry cloud providers, and within 3rd parties.
Demonstrate flexibility and resilience in response to changing or ambiguous situations.
Voice support for current and future big picture security capabilities and controls, developing and communicating presentations internally and externally.
What You'll Bring:
BS or MS degree or equivalent experience relevant to the functional area with 10+ years of related experience.
Extensive cloud security architecture / design experience.
Extensive background in cloud applications, cloud platforms and/or experience providing cloud infrastructure platforms in sophisticated environments.
Experience with Oracle's software / hardware / cloud products and services.
Experience with other cloud provider offerings/capabilities a plus.
Solid grasp of both Windows and Linux platforms
Leadership & Soft Skill Qualifications
Prior experience solving sophisticated business problems with technology, including aspects unique to securing the cloud (provider / consumer perspective).
Good interpersonal and consulting skills to establish and maintain internal and external partnerships globally, negotiating risk against other business factors.
Positive influence to lead through frequent ambiguity / uncertainty / change.
Business savvy including the ability to see and convey the big picture.
Experience in risk assessment, risk management, and risk mitigation.
Knowledge of industry security concepts / frameworks and regulatory standards such as ISO-27001, NIST, PCI, HIPAA, FedRamp, etc.
CISSP, CCSK, GIAC, CISA or other security certifications preferred.
Develops and executes programs and processes to reduce information security risk and strengthen Oracle's security posture.
Supports the strengthening of Oracle's security posture, focusing on one or more of the following: risk management; regulatory compliance; threat and vulnerability management; incident management and response; security policy development and enforcement; privacy; information security education, training and awareness (ISETA); digital forensics and similar focus areas.
Risk Management: Brings expert level skills to assesses the information security risk associated with existing and proposed business operational programs, systems, applications, practices and procedures in very highly complex, business-critical environments that may span business units. May conduct and document very highly complex information security risk assessments. May assist in the creation and implementation of security solutions and programs.
Regulatory Compliance: Brings expert level skills to manage programs to establish, document and track compliance to industry and government standards and regulations, e.g. ISO-27001, PCI-DSS, HIPAA, FedRAMP, GDPR, etc. Researches and interprets current and pending governmental laws and regulations, industry standards and customer and vendor contracts to communicate compliance requirements to the business. Recognized leader in industry forums monitoring developments in regulatory compliance.
Threat and Vulnerability Management: Brings expert level skills to research, evaluate, track, and manage information security threats and vulnerabilities in situations where in-depth analysis of ambiguous information is required. Develops new tools and methodologies to carry out analysis, and trains others in their use.
Incident Management and response: Brings expert level skills to respond to security events, identifying possible intrusions and responding in line with Oracle incident response playbooks. May operate as Incident Commander on serious incidents. May develop new tools and methodologies to carry out analysis, and trains others in their use.
Digital Forensics: Brings expert level skills to conduct data collection, preservation and forensic analysis of digital media independently, where an advanced understanding of forensic techniques is required. Develops new tools and methodologies to carry out analysis, and trains others in their use.
Other areas of focus may include duties providing expert level skills and knowledge to manage Information Security Education, Training and Awareness programs. In a Corporate Security role, may manage the creation, review and approval of corporate information security policies.
Mentors, trains and supervises other staff.
Compiles information and reports for management.
Provides expert level guidance regarding information security methods, standards and best practices related to business operational programs, practices and procedures.
Minimum of 12 years experience in information systems, business operations, or related fields, at least 8 years of which must be from at least one of the following: Information security risk management; information security program management; Industry/Government security compliance program management (ISO-27001, GDPR, HIPAA, FedRamp, etc.); threat and vulnerability management; incident management and response; security policy development and enforcement; privacy, information security education, training and awareness (ISETA), information security solutions development, etc. required.
Expert level knowledge of: Cloud architecture and security principles. Risk Management Frameworks. *nix and Windows system administration. Experience with logging and log analysis.
Preferred but not required qualifications include: Bachelor-level university degree in a relevant field from an accredited university, or equivalent. CISSP, CISM, CISA, CIPP or other equivalent certification. Experience identifying, designing, and deploying attack-mitigation techniques with minimal business impact. Experience managing security incidents in an incident commander role. Comprehensive knowledge of networks, systems, applications and their related data flows. Ability to lead cross-departmental security initiatives and advocate for secure development, networks, and architecture. Demonstrable experience with scripting and automation. Expert level knowledge of web technologies, middleware, database, OS, firewalls, network communication protocols and methods. Knowledge of database security principles. Strong knowledge of encryption technologies and architectures. Experience with identity management principles and technology.If you are a Colorado resident, Please Contact us or Email us at firstname.lastname@example.org to receive compensation and benefits information for this role. Please include this Job ID: 110159 in the subject line of the email.
Innovation starts with inclusion at Oracle. We are committed to creating a workplace where all kinds of people can be themselves and do their best work. It's when everyone's voice is heard and valued, that we are inspired to go beyond what's been done before. That's why we need people with diverse backgrounds, beliefs, and abilities to help us create the future, and are proud to be an affirmative-action equal opportunity employer.
Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans status, age, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law.
A new window will open to the job source site.
Growing a career that's right for you is a life-changer, but it's undeniable that the job search gets tougher every year. With automated hiring processes, resume filters and questionable interview practices, finding a job that a tech skillset has become seriously challenging.
That's where we step in. Careeriscope can help lighten the stress load by making your search a bit easier. We help you find matches based on the job search criteria you set, then send a summary of the results in a daily email sent every morning for review.