Be an early applicantLess than 25 applicants

Company

Oracle · 5 hours ago

Principal Security Analyst

United States

Full-time

Remote

Lead/Staff

$104K/yr - $223K/yr

8+ years exp

Maximize your interview chances

Data GovernanceData Management

No H1B

U.S. Citizen Only

Security Clearance Required

Insider Connection @Oracle

Discover valuable connections within the company who might provide insights and potential referrals.
Get 3x more responses when you reach out via email instead of LinkedIn.

Responsibilities

Supports the strengthening of Oracle’s security posture, focusing on one or more of the following: risk management; regulatory compliance; threat and vulnerability management; incident management and response; security policy development and enforcement; privacy; information security education, training and awareness (ISETA); digital forensics and similar focus areas.

Risk Management: Brings advanced level skills to assess the information security risk associated with existing and proposed business operational programs, systems, applications, practices and procedures in very complex, business-critical environments. May conduct and document very complex information security risk assessments. May assist in the creation and implementation of security solutions and programs.

Regulatory Compliance: Brings advanced level skills to manage programs to establish, document and track compliance to industry and government standards and regulations, e.g. ISO-27001, PCI-DSS, HIPAA, FedRAMP, GDPR, etc. Researches and interprets current and pending governmental laws and regulations, industry standards and customer and vendor contracts to communicate compliance requirements to the business. Other responsibilities include:

• Assess the Cyber Security risk of application, technologies and networks migrating to Oracle Cloud Infrastructure and documenting in formal risk assessments and supporting artifacts associated with the Federal Assessment and Authorization process

• Identify security risks through the security impact analysis and system risk assessments

• Apply knowledge of security principles, policy, and regulations to daily tasking

• Provide IT security engineering support to cross-functional project teams to ensure that security policies, processes, and controls are adhered to, planned for, and implemented throughout the project lifecycle

• Knowledgeable working in the FedRAMP cloud environment understanding IaaS, PaaS, and SaaS in regard to cloud service provider security control responsibilities and customer responsibilities

• Effectively and efficiently communicate and collaborate with external and internal customers to analyze and monitor a project’s security posture and status

• Able to lead a small team of security analyst and / or tasks

• Effectively following-up with key project team members

• Engage with client on security matters

• Able to be task lead to small team of Cyber Security Analysts to provide deliverables and services to government client

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

NIST 800-37NIST 800-53rev5NIST 800-171Risk Management FrameworkHIPAAHITECHFISMAFedRAMPCISSPInformation AssuranceCloud securitySecurity policy developmentISO-27001PCI-DSSGDPRISSEPCCSPCompTIA+OCI security certificationsCyber Security document managementClient engagement

Required

Minimum of 8 years experience in information systems, business operations, or related fields, at least 5 years of which must be from at least one of the following: Risk Management Framework, Authorization Requirements Process for Federal Government, Information Assurance, FISMA and/ or FedRAMP requirements.

CISSP or ISSEP or CCSP or CompTIA + or OCI security certifications.

Expert technical knowledge of risk management, and information security concepts and technologies.

Experience with Cyber Security document management and familiar with security and privacy rules.

Excellent verbal communication skills.

Excellent written skills for preparing reports and briefings.

Excellent analytical and problem-solving skills.

Ability to facilitate and coordinate efforts with key government and non-government stakeholders.

U.S. Citizenship is required as is successfully passing a thorough Government background screening process requiring the completion of detailed forms and fingerprinting.

Ability to obtain a public trust.

Previous Government contracting work experience.