Principal Information Security Compliance Analyst
Share
Job Location:
Nashville, IN - USA
Yearly Salary:
$ 104200 - 223400
Posted on:
30+ days ago
Vacancies:
1 Vacancy
Job Summary
Description
Responsibilities
Qualifications
Disclaimer:
Certain US customer or client-facing roles may be required to comply with applicable requirements such as immunization and occupational health mandates.
Range and benefit information provided in this posting are specific to the stated locations only
US: Hiring Range in USD from: $104200 to $223400 per annum. May be eligible for bonus and equity.
Oracle maintains broad salary ranges for its roles in order to account for variations in knowledge skills experience market conditions and locations as well as reflect Oracles differing products industries and lines of business.
Candidates are typically placed into the range based on the preceding factors as well as internal peer equity.
Oracle US offers a comprehensive benefits package which includes the following:
1. Medical dental and vision insurance including expert medical opinion
2. Short term disability and long term disability
3. Life insurance and AD&D
4. Supplemental life insurance (Employee/Spouse/Child)
5. Health care and dependent care Flexible Spending Accounts
6. Pre-tax commuter and parking benefits
7. 401(k) Savings and Investment Plan with company match
8. Paid time off: Flexible Vacation is provided to all eligible employees assigned to a salaried (non-overtime eligible) position. Accrued Vacation is provided to all other employees eligible for vacation benefits. For employees working at least 35 hours per week the vacation accrual rate is 13 days annually for the first three years of employment and 18 days annually for subsequent years of employment. Vacation accrual is prorated for employees working between 20 and 34 hours per week. Employees working fewer than 20 hours per week are not eligible for vacation.
9. 11 paid holidays
10. Paid sick leave: 72 hours of paid sick leave upon date of hire. Refreshes each calendar year. Unused balance will carry over each year up to a maximum cap of 112 hours.
11. Paid parental leave
12. Adoption assistance
13. Employee Stock Purchase Plan
14. Financial planning and group legal
15. Voluntary benefits including auto homeowner and pet insurance
The role will generally accept applications for at least three calendar days from the posting date or as long as the job remains posted.
Successful candidate will be responsible for maintaining monitoring and supporting FedRAMP and DoD cloud authorization supporting US government agencies and their subcontractors. The Information Security Compliance Analyst is expected to champion the upkeep of authorization throughout the business working with others to ensure documentation is kept up-to-date and processes and policies are appropriate.
Required Skills & Experience:
- Experience with FedRAMP and Department of Defense (DoD) Risk Management Framework (RMF) and risk assessment tools
- Detailed understanding of the NIST 800-53 control catalog FedRAMP Security Assessment Framework (SAF) and DoD Cloud Computing Security Requirements Guide (SRG)
- Working experience with DISA Security Technical Implementation Guides STIGs
- Thorough understanding of the latest security principles techniques and protocols
- Fundamental understanding of security systems including firewalls intrusion detection systems anti-virus software authentication systems log management content filtering etc.
- Ability to communicate security issues to peers management customers and end-users
- Excellent problem-solving skills and ability to work under pressure
- US Citizens with ability to obtain a US security clearance
Desired Skills and Experience:
- Working knowledge of production information system in a global IaaS PaaS SaaS environment
- Familiarity with web related technologies (Web applications Web Services Service Oriented Architectures) and of network/web related protocols
- Knowledge of standards and requirements with application security
- Fundamental Understanding of the OWASP (Open Web Application Security Project) top 10
- Knowledge and expertise in disciplines/ business functions and projects of risk information security business continuity quality and environment management
- A strong multi-tasker with a keen eye for detail
- Organized and thrive in fast-paced high-stress scenarios
Responsibilities
Primary Responsibilities:
- Manage and maintain FedRAMP DoD RMF and other US cloud authorization initiatives
- Design develop and maintain information security process and documentation including maintenance of a Systems Security Plan (SSP) for FedRAMP
- Manage and monitor progress against commitments for completion of remediation activities and action items in a POA&M
- Support facilitate and engage with auditors and business teams during certification audits
- Maintain business relationships with interested parties on information security requirements
- Organize integrate and build synergy on compliance programs for process and project maturity objectives to facilitate compliance to various statutory regulatory contractual standard requirements
Additional Responsibilities:
- Deliver sound know-how and know-what to information security and business continuity projects
- Management of document reviews and approval workflows
- Collaboration with regional business units to ensure practical plans are in place
- Conduct risk assessments to assets projects and processes in a SaaS and IaaS environment
Qualifications
Disclaimer:
Certain US customer or client-facing roles may be required to comply with applicable requirements such as immunization and occupational health mandates.
Range and benefit information provided in this posting are specific to the stated locations only
US: Hiring Range in USD from: $104200 to $223400 per annum. May be eligible for bonus and equity.
Oracle maintains broad salary ranges for its roles in order to account for variations in knowledge skills experience market conditions and locations as well as reflect Oracles differing products industries and lines of business.
Candidates are typically placed into the range based on the preceding factors as well as internal peer equity.
Oracle US offers a comprehensive benefits package which includes the following:
1. Medical dental and vision insurance including expert medical opinion
2. Short term disability and long term disability
3. Life insurance and AD&D
4. Supplemental life insurance (Employee/Spouse/Child)
5. Health care and dependent care Flexible Spending Accounts
6. Pre-tax commuter and parking benefits
7. 401(k) Savings and Investment Plan with company match
8. Paid time off: Flexible Vacation is provided to all eligible employees assigned to a salaried (non-overtime eligible) position. Accrued Vacation is provided to all other employees eligible for vacation benefits. For employees working at least 35 hours per week the vacation accrual rate is 13 days annually for the first three years of employment and 18 days annually for subsequent years of employment. Vacation accrual is prorated for employees working between 20 and 34 hours per week. Employees working fewer than 20 hours per week are not eligible for vacation.
9. 11 paid holidays
10. Paid sick leave: 72 hours of paid sick leave upon date of hire. Refreshes each calendar year. Unused balance will carry over each year up to a maximum cap of 112 hours.
11. Paid parental leave
12. Adoption assistance
13. Employee Stock Purchase Plan
14. Financial planning and group legal
15. Voluntary benefits including auto homeowner and pet insurance
The role will generally accept applications for at least three calendar days from the posting date or as long as the job remains posted.
Career Level - IC4
Required Experience:
Staff IC
Key Skills
- IT Experience
- Splunk
- IDS
- Cybersecurity
- FIPS
- PCI
- NIST Standards
- Information Security
- Encryption
- FISMA
- RMF
- Siem
About Company
As a world leader in cloud solutions, Oracle uses tomorrow’s technology to tackle today’s challenges. We’ve partnered with industry-leaders in almost every sector—and continue to thrive after 40+ years of change by operating with integrity. We know that true innovation starts when eve ... View more
