Job Title: Cybersecurity & GRC Consultant/Oracle Security Consultant/Security Architect
Duration: Long Term
Location: Chicago, IL
The Senior GRC (Governance, Risk and Compliance) Lead has a well-rounded profile with the right combination of significant and progressive professional expertise in Enterprise Governance, Risk and Compliance Management, and will support implementation of Oracle Cloud GRC modules, including Enterprise Governance, Risk and Compliance Manager (EGRCM) and Advanced Controls, to support Organization Enterprise Governance, Risk and Compliance management efforts.
Key Responsibilities:
Validate requirements and support implementation of Oracle Enterprise Governance, Risk and Compliance management modules in support of Enterprise Governance, Risk and Compliance policies and procedures.
Own the GRC-related requirements and provide support in reviewing and approving GRC-related requirements, business processes, user stories, and functional and technical specification documentation.
Support creation, review and approval of test cases and test results in support of GRC module requirements.
Support the Third-Party Risk Management lifecycle from pre-onboarding to offboarding of vendor relationships.
Conduct risk assessments for new and existing systems and vendors to identify privacy and security-related risks.
Collect, review and track vendor due diligence and compliance documentation (e.g. SIG questionnaires, SOC 2 reports, security policies).
Assist in analyzing internal as well as vendor cybersecurity controls related to hardware, software and services.
Coordinate with internal stakeholders and third parties to document and remediate risks.
Support contractual reviews in collaboration with Procurement and Contracts Administration teams.
Contribute to client compliance activities including assessments and client webshare coordination.
Help define, report and track GRC-related metrics and risk indicators.
Participate in process improvements and automation of GRC activities.
Stay current with industry trends, frameworks (NIST CSF, ISO) and regulatory requirements (GDPR, CCPA).
Practical expertise in security frameworks such as: SANS Critical Security Controls, CIS Controls, ISO 27001, NIST SP 800-53, PCI DSS, SOC 2.
Expertise in SaaS and PaaS implementations, including Oracle Cloud ERP, HCM, SCM and EPM applications.
Solid understanding of IT control frameworks like COBIT and IT General Controls.
In-depth knowledge of risk and controls concepts in information security.
Hands-on experience across control domains such as IAM, Data Security, Network Security, SDLC, Logging & Monitoring, etc.
Technical proficiency in security controls like encryption, logical access, secure coding, vulnerability management and security architecture.
Strong experience conducting vendor risk assessments and translating technical risk into business impact.
Familiarity with risk treatment and exception processes.
Understanding of security architecture (authentication, authorization, encryption of data in transit/at rest).
Ability to communicate clearly with technical teams, stakeholders and auditors.
High attention to detail and excellent documentation habits.
Strong analytical skills to resolve system and security issues.
Strong understanding of access control, identity management and compliance standards.
Excellent verbal and written communication skills.
Work with IAM Security engineering and Network operations teams to understand and design target-state OCI PaaS and IaaS services.
Document security requirements for OCI PaaS and IaaS services.
Strong understanding of IAM, including SSO, IDMS and IGA practices for enterprise.
Provide guidance and training to team members on Oracle Cloud security practices.
Liaise with vendors and partners to ensure optimal security practices and stay updated on Oracle Cloud updates and best practices.
Type of Education Required:
Bachelor's Degree in Technology Risk Management or related field.
Preferred certifications:
CISSP, CISA, CISM, CEH, ISO 27001 Lead Auditor or Lead Implementer.
Type of Experience and Number of Years:
Working experience on Oracle GRC Modules and Risk Management is mandatory.
Working experience on various security frameworks like NIST is mandatory.
At least one full life cycle implementation of Enterprise Governance, Risk and Compliance Manager (EGRCM) and Advanced Controls, preferably in a public sector environment.
Minimum 5 years of Enterprise GRC experience implementing and supporting industry-standard tools and frameworks, including third-party vendor risk assessment.
Proficiency in cloud security principles and tools, including IAM, encryption, firewall management and vulnerability assessment.
Proficiency with Google tools such as Google Docs, Sheets and Presentations.
A proactive mindset with a focus on continuous improvement and results.
Integrity, accountability and a strong sense of ownership over responsibilities.
Experience in the Public Sector including Education (K-12) project or program work preferred.
Keywords: Oracle Cloud, Oracle GRC, NIST, Data Security, Network Security