27 Nov
Principal Security Analyst
Maryland, Annapolis , 21401 Annapolis USA

Job DescriptionDevelops and executes programs and processes to reduce information security risk and strengthen Oracle’s security posture.The successful candidate will be responsible for providing security analysis and Cybersecurity support for our federal clients. The cyber security analyst has experience with NIST 800-37,” Guide to Applying Risk Management Framework to Federal Information Systems,” NIST 800-53rev5 “Security and Privacy Controls for Information Systems and Organizations,” and NIST 800-171, “Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations,” Cyber Security Policy and security engineering principles. The successful candidate must be well versed in applicable laws and standards such as HIPPA, HITECH, and NIST 800-53, NIST 800-171 to implement secure applications, and networks. They must have familiarity and experience in the implementation of cyber security requirements to follow FISMA and FedRAMP guidelines Develops and executes programs and processes to reduce information security risk and strengthen Oracle’s security posture.Career Level - IC4ResponsibilitiesSupports the strengthening of Oracle’s security posture, focusing on one or more of the following: risk management; regulatory compliance; threat and vulnerability management; incident management and response; security policy development and enforcement; privacy; information security education, training and awareness (ISETA); digital forensics and similar focus areas.Risk Management: Brings advanced level skills to assess the information security risk associated with existing and proposed business operational programs, systems, applications, practices and procedures in very complex, business-critical environments. May conduct and document very complex information security risk assessments. May assist in the creation and implementation of security solutions and programs.Regulatory Compliance: Brings advanced level skills to manage programs to establish, document and track compliance to industry and government standards and regulations, e.g. ISO-27001, PCI-DSS, HIPAA, FedRAMP, GDPR, etc. Researches and interprets current and pending governmental laws and regulations, industry standards and customer and vendor contracts to communicate compliance requirements to the business. Other responsibilities include: Assess the Cyber Security risk of application, technologies and networks migrating to Oracle Cloud Infrastructure and documenting in formal risk assessments and supporting artifacts associated with the Federal Assessment and Authorization process Identify security risks through the security impact analysis and system risk assessments Apply knowledge of security principles, policy, and regulations to daily tasking Provide IT security engineering support to cross-functional project teams to ensure that security policies, processes, and controls are adhered to, planned for, and implemented throughout the project lifecycle Knowledgeable working in the FedRAMP cloud environment understanding IaaS, PaaS, and SaaS in regard to cloud service provider security control responsibilities and customer responsibilities Effectively and efficiently communicate and collaborate with external and internal customers to analyze and monitor a project’s security posture and status Able to lead a small team of security analyst and / or tasks Effectively following-up with key project team members Engage with client on security matters Able to be task lead to small team of Cyber Security Analysts to provide deliverables and services to government clientMinimum of 8 years experience in information systems, business operations, or related fields, at least 5 years of which must be from at least one of the following:o Risk Management Frameworko Authorization Requirements Process for Federal Governmento Information Assuranceo FISMA and/ or FedRAMP requirements Expert technical knowledge of risk management, and information security concepts and technologies Experience with Cyber Security document management and familiar with security and privacy rules Excellent verbal communication skills Excellent written skills for preparing reports and briefings Excellent analytical and problem-solving skills Ability to facilitate and coordinate efforts with key government and non-government stakeholdersHold or plan to hold any of the following certificates: CISSP or ISSEP or CCSP or CompTIA + or OCI security certificationsU.S. Citizenship is required as is successfully passing a thorough Government background screening process requiring the completion of detailed forms and fingerprintingAbility to obtain a public trustPrevious Government contracting work experienceDisclaimer:Certain US customer or client-facing roles may be required to comply with applicable requirements, such as immunization and occupational health mandates.Range and benefit information provided in this posting are specific to the stated locations onlyUS: Hiring Range in USD from: $104,200 to $223,400 per annum. May be eligible for bonus and equity.Oracle maintains broad salary ranges for its roles in order to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect Oracle’s differing products, industries and lines of business.Candidates are typically placed into the range based on the preceding factors as well as internal peer equity.Oracle US offers a comprehensive benefits package which includes the following:

Medical, dental, and vision insurance, including expert medical opinion

Short term disability and long term disability

Life insurance and AD&D

Supplemental life insurance (Employee/Spouse/Child)

Health care and dependent care Flexible Spending Accounts

Pre-tax commuter and parking benefits

401(k) Savings and Investment Plan with company match

Paid time off: Flexible Vacation is provided to all eligible employees assigned to a salaried (non-overtime eligible) position. Accrued Vacation is provided to all other employees eligible for vacation benefits. For employees working at least 35 hours per week, the vacation accrual rate is 13 days annually for the first three years of employment and 18 days annually for subsequent years of employment. Vacation accrual is prorated for employees working between 20 and 34 hours per week. Employees working fewer than 20 hours per week are not eligible for vacation.

11 paid holidays

Paid sick leave: 72 hours of paid sick leave upon date of hire. Refreshes each calendar year. Unused balance will carry over each year up to a maximum cap of 112 hours.

Paid parental leave

Adoption assistance

Employee Stock Purchase Plan

Financial planning and group legal

Voluntary benefits including auto, homeowner and pet insurance

The role will generally accept applications for at least three calendar days from the posting date or as long as the job remains posted.About UsAs a world leader in cloud solutions, Oracle uses tomorrow’s technology to tackle today’s problems. True innovation starts with diverse perspectives and various abilities and backgrounds.When everyone’s voice is heard, we’re inspired to go beyond what’s been done before. It’s why we’re committed to expanding our inclusive workforce that promotes diverse insights and perspectives.We’ve partnered with industry-leaders in almost every sector—and continue to thrive after 40+ years of change by operating with integrity.Oracle careers open the door to global opportunities where work-life balance flourishes. We offer a highly competitive suite of employee benefits designed on the principles of parity and consistency. We put our people first with flexible medical, life insurance and retirement options. We also encourage employees to give back to their communities through our volunteer programs.We’re committed to including people with disabilities at all stages of the employment process. If you require accessibility assistance or accommodation for a disability at any point, let us know by calling +1 888 404 2494, option one.Disclaimer:Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans’ status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law. Which includes being a United States Affirmative Action Employer


Related jobs

Report job