1. Home
  2. Principal Security Analyst, EMEA Compliance
Expires soon
Oracle

Principal Security Analyst, EMEA Compliance

  • Reading (Berkshire)
  • IT development
Apply Now

Job description

Executes security controls to prevent hackers from infiltrating company information or jeopardizing e-commerce programs.

Researches attempted efforts to compromise security protocols. Maintains security systems for routers and switches. Administers security policies to control access to systems. Maintains the company's firewall. Uses applicable encryption methods. Provides information to management regarding the negative impact on the business caused by theft, destruction, alteration or denial of access to information.

Leading contributor individually and as a team member, providing direction and mentoring to others. Work is non-routine and very complex, involving the application of advanced technical/business skills in area of specialization. Prefer 8 years relevant experience and BA/BS degree.

As part of Oracle's employment process candidates will be required to complete a pre-employment screening process, prior to an offer being made. This will involve identity and employment verification, salary verification, professional references, education verification and professional qualifications and memberships (if applicable).

Desired profile

Qualifications :

As an IT Compliance Analyst, you will organize and facilitate information system audits and security special reviews for third party audits of multiple SaaS services within the Oracle Cloud.
You will be responsible for supporting assurance process with Public Sector Customers; supporting internal Operations teams with UKG compliance issues; access control/security clearances for UKG; supporting the wider International Compliance team in maintaining ISO 27001 certification; co-ordinating vulnerability management of Cloud environments
Key Responsibilities
· Develop detailed audit execution plans
· Work with multiple teams and personnel to gather audit evidence within specified timelines
· Report on audit status and corresponding problems to management
· Plan and execute service gap assessments reviews as assigned
· Identify, interpret, and evaluate Information Security risks and translate those into Business Risks
· Advise technical team members on methodologies to be compliant with a given set of controls
· Present findings to audited technical teams and negotiate suggested action plans
· Maintain solid fundamental understanding of Oracle Cloud services at a technical
· Foster a positive work environment by soliciting feedback from colleagues and developing the skills of staff auditors
· Provide feedback and support to update and maintain audit processes
· Promote a risk-conscientious environment; ensure efficient and effective risk and compliance management practices by adhering to required standards and practices
· Other duties as assigned

Skills
· Bachelor's Degree in Business Administration, Computer Science, Information Systems Administration an alternative technology related field.
· 3-5 years of Information Security, Internal Audit, or relevant IT experience.
· Knowledge of at least one of the following compliance frameworks: SSAE 16 SOC 1, SOC 2, ISO27001/ISO27002,.
· Knowledge of Cloud delivery models
· Good understanding and knowledge of business risks related to IT system general controls, systems / applications development, change management, logical access security, security technologies, local area network and wide area network concepts, contingency and recovery.
· Working knowledge of technology infrastructure (UNIX and Windows environments, Routers Firewalls, Networking protocols, Encryption, Cloud Services, Encryption, and/or Data Loss Prevention products).
· Can communicate well with virtual teams
· Excellent analytic, oral and written communication skills
· Open travel requirements (25%) with occasional travel overseas
. MUST BE A UK NATIONAL EITHER ALREADY HOLDING UKSV SECURITY CHECK CLEARANCE OR WILLING TO GO THROUGH UKSV SECURITY CHECK PROCESS

As an IT Compliance Analyst, you will organize and facilitate information system audits and security special reviews for third party audits of multiple SaaS services within the Oracle Cloud.

You will be responsible for supporting assurance process with Public Sector Customers post-sale; our Ops for UKG compliance issues; access control/security clearances for UKG; pre-Sales engagement with Public Sector Customers and the wider International Compliance team for ISO 27001 (as it's crucial for UKG assurance)

Key Responsibilities

Responsibilities

· Develop detailed audit execution plans

· Work with multiple teams and personnel to gather audit evidence within specified timelines

· Report on audit status and corresponding problems to management

· Plan and execute service gap assessments reviews as assigned

· Identify, interpret, and evaluate Information Security risks and translate those into Business Risks

· Advise technical team members on methodologies to be compliant with a given set of controls

· Present findings to audited technical teams and negotiate suggested action plans

· Maintain solid fundamental understanding of Oracle Cloud services at a technical

· Foster a positive work environment by soliciting feedback from colleagues and developing the skills of staff auditors

· Provide feedback and support to update and maintain audit processes

· Promote a risk-conscientious environment; ensure efficient and effective risk and compliance management practices by adhering to required standards and practices

· Other duties as assigned

Skills

· Bachelor's Degree in Business Administration, Computer Science, Information Systems Administration an alternative technology related field.

· 3-5 years of Information Security, Internal Audit, or relevant IT experience.

· Knowledge of at least one of the following compliance frameworks: SSAE 16 SOC 1, SOC 2, ISO27001/ISO27002, PCI-DSS, or HIPAA.

· Knowledge of Cloud delivery models

· Good understanding and knowledge of business risks related to IT system general controls, systems / applications development, change management, logical access security, security technologies, local area network and wide area network concepts, contingency and recovery.

· Working knowledge of technology infrastructure (UNIX and Windows environments, Routers Firewalls, Networking protocols, Encryption, Cloud Services, Encryption, and/or Data Loss Prevention products).

· Can communicate well with virtual teams

· Excellent analytic, oral and written communication skills

· Open travel requirements (25%) with occasional travel overseas

. MUST BE A UK NATIONAL EITHER ALREADY SECURITY CLEARED OR WILLING TO GO THROUGH SECURITY CLEARANCE

Preferred Qualification

· Prior experience with Cloud delivered services

· Experience with Sarbanes-Oxley preferred

· CISA, CISSP, CISM, or other relevant certification preferred

· PCI Experience a Plus

· Previous experience in compliance consulting a plus

· Experience in Financial Services or Public Accounting a plus

Make every future a success.
  • Job directory
  • Business directory
    •