Oracle Security Analyst
Posted 1 day ago by Miracle Software Systems, Inc.
Negotiable
Undetermined
Remote
Remote
Summary: The Oracle Security Analyst role involves designing, building, and operating IT general controls for an Oracle Cloud environment, primarily focusing on Oracle Fusion Cloud ERP. The position requires a hands-on approach to establish security and change-management controls to meet SOX/ICFR requirements and to manage these controls autonomously. The candidate should be comfortable with both the architectural and operational aspects of security controls. This is a long-term remote position aimed at experienced professionals in IT security and controls.
Key Responsibilities:
- Design, build, and operate IT general controls (ITGCs) for Oracle Cloud environment.
- Establish and rebuild security, change-management, and operations controls to meet SOX/ICFR requirements.
- Manage ongoing operations of established controls.
- Work autonomously in architecting and running control frameworks.
Key Skills:
- 6+ years in IT security, IT audit, or IT controls.
- Hands-on SOX/IT general controls experience in designing and operating controls.
- 3+ years of experience with Oracle Fusion Cloud application security.
- Ability to perform manual segregation-of-duties analysis and develop rulesets.
- Experience designing/building and operating ITGCs in a production ERP environment.
- Strong documentation and Excel-based analysis skills.
- Excellent written and verbal communication and stakeholder management skills.
- Authorized to work in the United States.
Salary (Rate): £60
City: undetermined
Country: undetermined
Working Arrangements: remote
IR35 Status: undetermined
Seniority Level: undetermined
Industry: IT
Detailed Description From Employer:
Requirement:
Job Title: Oracle Security Analyst
Duration: Long Term
Location: Remote
Job Description:
We are seeking an Oracle Security Analyst to design, build, and operate the IT general controls (ITGCs) that govern its Oracle Cloud environment. The role is delivered in two phases: first, standing up and, where needed, fully rebuilding a defined set of security, change-management, and operations controls to meet SOX / ICFR requirements; second, operating those controls on an ongoing basis. The environment is primarily Oracle Fusion Cloud ERP, with additional scope across EPM, Oracle Integration Cloud (OIC), and Oracle Cloud Infrastructure (OCI). This is a largely autonomous role suited to someone equally comfortable architecting a control framework and running it day to day.
Required Qualifications
6+ years in IT security, IT audit, or IT controls.
Hands-on SOX / IT general controls experience designing and operating controls. (Required.)
3+ years hands-on Oracle Fusion Cloud application security: Security Console, role design, data and function security, and role-to-privilege mapping.
Demonstrated ability to perform manual segregation-of-duties analysis ruleset development, conflict identification, and mitigating controls without reliance on an automated GRC platform such as Oracle RMC.
Proven experience both designing/building and operating ITGCs in a production ERP environment.
Strong documentation and Excel-based analysis skills.
Excellent written and verbal communication and stakeholder management; able to work independently in a fully remote setting.
Authorized to work in the United States.
Preferred Qualifications (Nice to Have)
Hands-on security experience with Oracle EPM, Oracle Integration Cloud (OIC), and/or Oracle Cloud Infrastructure (OCI).
Familiarity with Oracle Risk Management Cloud concepts (Advanced Access Controls, Advanced Financial Controls), even if not used in this environment.
Experience with Freshservice or a comparable ITSM ticketing platform.
Bachelor's degree in Information Systems, Accounting, Cybersecurity, or a related field equivalent experience accepted in lieu of a degree.
Certifications (Preferred)
CISA Certified Information Systems Auditor.
CRISC Certified in Risk and Information Systems Control.
OCI Security Oracle Cloud Infrastructure IAM / Security Professional.
CISSP broader information-security credential; a plus.