Security Account Manager, Advance Customer Service
Oracle, Australia. Update time: July 25, 2022
Job Description
Develops and executes programs and processes to reduce information security risk and strengthen Oracle’s security posture.
Supports the strengthening of Oracle’s security posture, focusing on one or more of the following: risk management; regulatory compliance; threat and vulnerability management; incident management and response; security policy development and enforcement; privacy; information security education, training and awareness (ISETA); digital forensics and similar focus areas.
Risk Management: Brings expert-level skills to assess the information security risk associated with existing and proposed business operational programs, systems, applications, practices and procedures in very highly complex, business-critical environments that may span business units. May conduct and document very highly complex information security risk assessments. May assist in the creation and implementation of security solutions and programs.
Regulatory Compliance: Brings expert-level skills to manage programs to establish, document and track compliance to industry and government standards and regulations, e.g. ISO-27001, PCI-DSS, HIPAA, FedRAMP, GDPR, etc. Researches and interprets current and pending governmental laws and regulations, industry standards and customer and vendor contracts to communicate compliance requirements to the business. Recognized leader in industry forums monitoring developments in regulatory compliance.
Threat and Vulnerability Management: Brings expert-level skills to research, evaluate, track, and manage information security threats and vulnerabilities in situations where in-depth analysis of ambiguous information is required. Develops new tools and methodologies to carry out analysis, and trains others in their use.
Incident Management and Response: Brings expert-level skills to respond to security events, identifying possible intrusions and responding in line with Oracle incident response playbooks. May operate as Incident Commander on serious incidents. May develop new tools and methodologies to carry out analysis, and trains others in their use.
Digital Forensics: Brings expert-level skills to conduct data collection, preservation and forensic analysis of digital media independently, where an advanced understanding of forensic techniques is required. Develops new tools and methodologies to carry out analysis, and trains others in their use.
Other areas of focus may include duties providing expert-level skills and knowledge to manage Information Security Education, Training and Awareness programs. In a Corporate Security role, may manage the creation, review and approval of corporate information security policies. Mentors, trains and supervises other staff. Compiles information and reports for management. Provides expert-level guidance regarding information security methods, standards and best practices related to business operational programs, practices and procedures.
Required: Minimum of 12 years of experience in information systems, business operations, or related fields, at least 8 years of which must be in at least one of the following: information security risk management; information security program management; industry/government security compliance program management (ISO-27001, GDPR, HIPAA, FedRAMP, etc.); threat and vulnerability management; incident management and response; security policy development and enforcement; privacy; information security education, training and awareness (ISETA); information security solutions development, etc.
Expert-level knowledge of: Cloud architecture and security principles. Risk Management Frameworks. *nix and Windows system administration. Experience with logging and log analysis.
Preferred but not required qualifications include: Bachelor-level university degree in a relevant field from an accredited university, or equivalent. CISSP, CISM, CISA, CIPP or other equivalent certification. Experience identifying, designing, and deploying attack-mitigation techniques with minimal business impact. Experience managing security incidents in an incident commander role. Comprehensive knowledge of networks, systems, applications and their related data flows. Ability to lead cross-departmental security initiatives and advocate for secure development, networks, and architecture. Demonstrable experience with scripting and automation. Expert-level knowledge of web technologies, middleware, database, OS, firewalls, network communication protocols and methods. Knowledge of database security principles. Strong knowledge of encryption technologies and architectures. Experience with identity management principles and technology.
