• Assist in performing on-going periodic information security risk assessments and compliance testing.
• Ensure effective IT general controls are maintained by process owners.
• Assist in performing assessment of end to end risks and controls, with evaluation of existing process
• Perform ongoing periodic walkthrough and controls testing for compliance projects, including audits for IT projects, applications, operations and environments for adherence to corporate security policies and guidelines
• Perform readiness assessment for ongoing compliance obligations, including PCI-DSS, ISO 27001, SOC 1, SOC 2, etc.
• Provide recommendations for improving processes, controls, and management of risk
• Monitor compliance and completion of any remediation or process improvements agreed with management
• Independent, proactive, organized and fast learner
• High ethical standards and integrity
• Knowledge of PCI-DSS, ISO 27001, NIST 800, SOC 1 or SOC 2 is an advantage
• Experience in IT Audit/IT Compliance assessments a huge advantage
• Effective communication and presentation skills• Experience dealing with all levels of management and across different teams, including managing conflicts
Detailed Description and Job Requirements
Executes security controls to prevent hackers from infiltrating company information or jeopardizing e-commerce programs.
Researches attempted efforts to compromise security protocols. Maintains security systems for routers and switches. Administers security policies to control access to systems. Maintains the company*s firewall. Uses applicable encryption methods. Provides information to management regarding the negative impact on the business caused by theft, destruction, alteration or denial of access to information.
Job duties are varied and complex; independent judgment needed. May have project lead role. Prefer 5 years relevant experience and BA/BS degree.
As part of Oracle's employment process candidates will be required to successfully complete a pre-employment screening process. This will involve identity and employment verification, professional references, education verification and professional qualifications and memberships (if applicable).