Negotiable
Outside
Remote
USA
Summary: The role of Oracle Fusion ERP-Security and Controls involves designing and maintaining the security model for Oracle Fusion ERP applications, ensuring compliance with regulatory requirements, and managing access provisioning. The position requires collaboration with various stakeholders to embed security requirements in implementations and changes, as well as developing and executing security-related audits and reports. The candidate will also provide guidance to audit teams and deliver training on security processes. Staying updated with Oracle's cloud security best practices is essential for proposing improvements to the ERP ecosystem's security posture.
Key Responsibilities:
- Design and maintain the security model for the Oracle Fusion ERP applications including roles, role hierarchies, privileges, duty conflicts, access groups and approval workflows.
- Define, implement and manage Segregation of Duties (SoD) rules, mitigating controls and compensating controls aligned with corporate policy, regulatory requirements (SOX, GDPR, etc).
- Lead the access provisioning lifecycle: joiner-mover-leaver processes, periodic access reviews, and cleanup of orphaned or dormant accounts.
- Collaborate with functional consultants, business process owners and the IT delivery team to ensure security requirements are embedded in new module implementations, configuration changes, integration projects and upgrades.
- Develop, maintain and execute security-related audit, monitoring and reporting: user access logging, role usage analytics, SoD violation reports, risk dashboards, remediation tracking and executive reporting.
- Drive the design and implementation of controls (both automated and manual) within the ERP environment to safeguard data integrity, confidentiality and availability.
- Provide subject matter guidance to internal audit, external auditors and control testing teams, prepare documentation, support walkthroughs and control assessments.
- Define and deliver training, documentation and knowledge transfer for security processes, role maintenance, access requests and control awareness for business and IT stakeholders.
- Stay current with Oracle's cloud security best practices, new features, patches and regulatory changes, and propose improvements to the security posture of the ERP ecosystem.
Key Skills:
- Bachelor's degree in Computer Science, Information Systems, Business Administration or related field. Master's preferred.
- ~ 2 to 3 years of relevant experience in ERP security & controls ideally with experience on Oracle Fusion Cloud ERP (or earlier Oracle Cloud Applications) or equivalent.
- Strong expertise in ERP security model design: roles, privileges, access groups, duty conflicts, data security policy, role mining/optimisation.
- Hands-on experience with provisioning and identity management frameworks, access review processes, SoD tools (e.g., Oracle GRC Cloud, SAP GRC, or similar).
- Deep understanding of internal controls, SOX compliance, audit requirements, risk management in the cloud SaaS context.
- Proven track record of working with business stakeholders, translating business process needs into secure access designs and controls.
- Excellent communication and stakeholder management skills: able to present to senior management and audit/finance teams.
- Strong analytical and problem-solving skills; ability to lead workshops, role-mapping sessions and resolve complex access/design issues.
- Comfortable working in an agile delivery model or hybrid governance/delivery model (given your experience in IT services portfolio management).
- Any relevant certifications would be an added advantage.
Salary (Rate): undetermined
City: undetermined
Country: USA
Working Arrangements: remote
IR35 Status: outside IR35
Seniority Level: undetermined
Industry: IT
Job Title: Oracle Fusion ERP-Security and Controls
Location: (Remote)
Job Description:
Key Responsibilities:
- Design and maintain the security model for the Oracle Fusion ERP applications (Financials, Procurement, Projects, Supply Chain, etc) including: roles, role hierarchies, privileges, duty conflicts, access groups and approval workflows.
- Define, implement and manage Segregation of Duties (SoD) rules, mitigating controls and compensating controls aligned with corporate policy, regulatory requirements (SOX, GDPR, etc).
- Lead the access provisioning lifecycle: joiner-mover-leaver processes, periodic access reviews, and cleanup of orphaned or dormant accounts.
- Collaborate with functional consultants, business process owners and the IT delivery team to ensure security requirements are embedded in new module implementations, configuration changes, integration projects and upgrades.
- Develop, maintain and execute security-related audit, monitoring and reporting: user access logging, role usage analytics, SoD violation reports, risk dashboards, remediation tracking and executive reporting.
- Drive the design and implementation of controls (both automated and manual) within the ERP environment to safeguard data integrity, confidentiality and availability.
- Provide subject matter guidance to internal audit, external auditors and control testing teams, prepare documentation, support walkthroughs and control assessments.
- Define and deliver training, documentation and knowledge transfer for security processes, role maintenance, access requests and control awareness for business and IT stakeholders.
- Stay current with Oracle's cloud security best practices, new features, patches and regulatory changes, and propose improvements to the security posture of the ERP ecosystem.
Required Skills & Experience:
- Bachelor's degree in Computer Science, Information Systems, Business Administration or related field. Master's preferred.
- ~ 2 to 3 years of relevant experience in ERP security & controls ideally with experience on Oracle Fusion Cloud ERP (or earlier Oracle Cloud Applications) or equivalent.
- Strong expertise in ERP security model design: roles, privileges, access groups, duty conflicts, data security policy, role mining/optimisation.
- Hands-on experience with provisioning and identity management frameworks, access review processes, SoD tools (e.g., Oracle GRC Cloud, SAP GRC, or similar).
- Deep understanding of internal controls, SOX compliance, audit requirements, risk management in the cloud SaaS context.
- Proven track record of working with business stakeholders, translating business process needs into secure access designs and controls.
- Excellent communication and stakeholder management skills: able to present to senior management and audit/finance teams.
- Strong analytical and problem-solving skills; ability to lead workshops, role-mapping sessions and resolve complex access/design issues.
- Comfortable working in an agile delivery model or hybrid governance/delivery model (given your experience in IT services portfolio management).
- Any relevant certifications would be an added advantage.
