Oracle Security Mgr - Full Time - Byrd Professional Resources

Oracle Security Manager - Corporate Full Time, New York City

Seeking a highly skilled and experienced candidate in the Oracle Applications Security and GRC space, inclusive of Oracle Cloud Infrastructure (OCI), to join the Information Security team as an Oracle Security Manager. The position will focus on Oracle security and controls, strategic risk management for the Oracle platform, and governance, risk, and control technology enablement for Oracle. The ideal candidate will have a deep understanding of cloud security principles, extensive experience with OCI, and the ability to work effectively in a fast-paced, collaborative setting.

• Governance on Oracle Cloud role design across functional (ERP, EPM, OTBI) and technical (e.g. - Security Console, Setup & Maintenance, OIC) domain areas.

• Identifying key risks and controls, Sarbanes Oxley readiness, controls optimization, as well as configuration of controls around security, business process and within the Oracle Cloud RMC modules.

• Managing and understanding SDLC for Oracle Cloud product implementations, and configurations - e.g., security and control, and/or optimizations of business process controls and application security.

• Design, implement, and manage security solutions within the Oracle Cloud Infrastructure environment.

• Develop and enforce security policies and procedures to ensure the protection of organizational data in Oracle.

• Configure and manage OCI security services including IAM, Network Security, Data Encryption, and Security Monitoring.

• Monitor and analyze security events across OCI services to detect and respond to threats.

• Investigate and respond to security incidents and breaches in Oracle, performing root cause analysis and implementing corrective actions.

• Ensure compliance with industry standards, regulatory requirements, and internal policies.

• Conduct regular security assessments and audits of the OCI and ERP environment.

• Identify and mitigate security risks associated with OCI deployments.

• Work closely with IT teams to integrate security into the design and deployment of OCI solutions.

• Collaborate with external partners and stakeholders to align security initiatives with organizational goals.

• Stay current with emerging security technologies, threats, and best practices.

• Recommend and implement improvements to security processes and tools.

• Participate in ongoing training and professional development opportunities.

• Educate, consult, and train stakeholders on best practices around Oracle Cloud Security.

• Effectively manage work with multiple stakeholders and manage competing priorities with internal clients.

• ERP Security oversight for M&A and divestures.

• Participate in rotating on-call schedule.

What We're Looking For:

• A bachelor's degree in a relevant area of study with a preference for specialization in Business Administration, Computer Science, Engineering, Accounting, or Information Systems.

• Security certifications such as Oracle Cloud Infrastructure (OCI) Certified Architect Professional, Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), and Certified Information Systems Security Professional (CISSP) are highly desired.

• At least 5 years of experience in Oracle application security, GRC, and cloud security, with a focus on Oracle Cloud Infrastructure.

• Experience with Oracle security (role design, user lifecycle management, segregation of duties).

• Experience with Oracle Cloud Risk Management Cloud (RMC) design, implementation or assessment experience including Advanced Access Controls (AAC), Advanced Financial Controls (AFC) and Financial Reporting Compliance (FRC).

• Deep understanding of cloud security principles, and experience with OCI.

• Experience with Terraform and GitHub is preferred.

• Strong knowledge of OCI security services, including Identity and Access Management (IAM), Network Security, and Data Encryption.

• Experience with security monitoring tools and incident response processes.

• Familiarity with compliance frameworks such as GDPR, HIPAA, and ISO 2700.

• Ability to understand IT risks and implications to the business, identify weaknesses and recommend solutions.

• Initiative-taking, adaptable, and possess a continuous learning mindset to keep up with the evolving security challenges and technologies.

• Strong written, communication, and presentation skills.

• Strong skills in project and risk management.

• Experienced communicating with executives and stakeholders.

• Passion for leading and implementing change.

• Global experience preferred.