Security and Privacy Compliance Principal

Company: Oracle Corporation

Location: Kitchener, ON N2A 4J7

Job Description

This position will support the Security and Privacy Compliance organization. The individual will support our governance, risk, and compliance (GRC) practices, working on projects to ensure compliance with regulations and with our obligations to our customers.

A key responsibility of this position will be the growth and maintenance of the incident reporting and response program within the risk management program. The candidate will manage the incident reporting and response program, including managing the tabletop exercise and the review, communication, and escalation process for security events, and ensuring our processes meet our compliance obligations. This position will manage other compliance projects such as third-party audits (e.g., SOC 1/PCI-DSS), risk assessments, or product compliance consulting projects, including HIPAA/Healthcare expansion programs. This role will include conducting research on compliance requirements, performing or managing assessments, and reporting findings to stakeholders. The candidate will ideally have extensive experience in compliance, audit, project management, security, privacy, and software development lifecycle standard methodologies.

This position will require coordinating, communicating, and working effectively with internal process owners, internal and external auditors, and all levels of management. The candidate should understand IT and security risks, general IT controls and security controls, as well as risk mitigation and issue remediation. Key skills would be IT audit and security event management, including understanding security issues identified, as well as potential exposure and needed mitigation and remediation.

Career Level - IC4

Responsibilities

  • Manage security incident reporting and response program
  • Manage reporting and response for individual security events that occur
  • Assist with tabletop exercises to test processes
  • Ensure tabletop exercises comply with internal and external audits
  • Maintain standards and controls documentation with SMEs and ensure compliance with internal and external audit
  • Ensure processes are followed, relevant controls are performed, and the process and controls comply with internal and external audits
  • Assist with security and privacy risk assessments of our services
  • Assist with security and privacy risk assessments of our suppliers
  • Assist with audit, risk, governance, or consulting compliance projects as appropriate

Experience in IT compliance, audit, software development lifecycle (SDLC), and security best practices in a SaaS/Cloud environment is preferred for this position.

Additionally, the following will be considered in hiring the appropriate candidate:
  • Candidate must possess at least a Bachelor's/College Degree, preferably in Audit/Finance/Accountancy/Information Systems/Banking or equivalent
  • At least 8 years of working experience in IT Compliance, Audit, Risk Management, Incident Response, or a related field is preferred for this position
  • Candidate should be a CPA, CISA, CRISC, CISM, or CISSP, or maintain a similar certification in information systems or information security
  • Candidate should understand security issues identified, including potential exposure from security issues, required mitigation, and remediation steps needed
  • Candidate should have hands-on working knowledge of and experience with ITGC, including deficiency risk and mitigation documentation
  • Experience with and working knowledge of risk assessments is preferred
  • Experience with and working knowledge of security-related technology (e.g., Identity Management tools, Firewalls) is preferred
  • Working knowledge of ERP systems (e.g., NetSuite, PeopleSoft FDM and Oracle eBusiness) security standards and implementation is preferred
  • Exposure to cloud environments is preferred
  • Experience with SOC audits and ISO27001 is preferred


Qualifications

Range and benefit information provided in this posting are specific to the stated locations only

CA: Hiring Range in CAD from: $76,700 to $167,600 per annum.

Oracle maintains broad salary ranges for its roles in order to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect Oracle's differing products, industries and lines of business.
Candidates are typically placed into the range based on the preceding factors as well as internal peer equity.

About Us

As a world leader in cloud solutions, Oracle uses tomorrow's technology to tackle today's problems. True innovation starts with diverse perspectives and various abilities and backgrounds.

When everyone's voice is heard, we're inspired to go beyond what's been done before. It's why we're committed to expanding our inclusive workforce that promotes diverse insights and perspectives.

We've partnered with industry leaders in almost every sector, and continue to thrive after 40+ years of change by operating with integrity.

Oracle careers open the door to global opportunities where work-life balance flourishes. We offer a highly competitive suite of employee benefits designed on the principles of parity and consistency. We put our people first with flexible medical, life insurance and retirement options. We also encourage employees to give back to their communities through our volunteer programs.

We're committed to including people with disabilities at all stages of the employment process. If you require accessibility assistance or accommodation for a disability at any point, let us know by calling +1 888 404 2494, option one.

Disclaimer:

Oracle is an Equal Employment Opportunity Employer*. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans' status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law.

* Which includes being a United States Affirmative Action Employer
