Cloud Security Analyst
- Cockeysville, MD
Hunter Gibbons has an exciting opportunity to join our client’s team as a Cloud Security Analyst. Excellent Salary + Benefits!
DAY TO DAY SUMMARY:
- Provide design, system administration, maintenance and troubleshooting of role and user access associated with the Oracle Fusion platform and other internal applications.
- Understand and apply information security best practices, standards, technology tools, systems, policies and processes that are required to ensure the protection of access to and modification of sensitive data including financials, Personal Identifiable Information (PII) and compliance with Data Privacy policies.
- Ensure that security is properly configured, and ongoing governance is in place to avoid Segregation of Duties (SoD) conflicts and support security configuration and testing activities associated with implementations and acquisitions.
- Understand and apply information security best practices, standards, technology tools, systems, policies and processes that are required to ensure the protection of access to and modification of sensitive data including financials, Personal Identifiable Information (PII) and compliance with Data Privacy policies
- Partner with Internal Audit, Information Security, and External Auditors to design and maintain the security policies for business applications
- Serve as subject matter expert for Security configuration design and maintenance
- Design and Build custom user security roles per business requirements
- Design and Build data security roles per requirements
- Maintain, update and configure custom security roles utilizing Oracle materials
- Execute scripts to set up new users, as well as add, update and remove roles from users
- Document and perform application set ups from Test to Production instances
- Help identify security role improvements through changes in business practices, standardization or processes
- Implementation of data security policies
- Automation of user role assignment
- Understand definition of SaaS roles (job, duty, data, and abstract roles)
- Unit test role per business requirements to include testing scenarios and test scripts
- Understanding of Segregation of Duties (SOD) frameworks
- Create and execute audit reports
- Build reports using Oracle reporting tools (e.g. OTBI)
- Create/update process documentation for internal controls
- Partner with Internal, External and Compliance auditors to perform audits and information gathering to ensure compliance and segregation of duties are being followed
- Serve as point of contact to SMEs for their Security needs and ensure best practices are effectively communicated and implemented.
- Actively partner with management to ensure effective controls are in place to address key risks.
- Contribute to the implementation of auditing and risk management tools, processes and metrics.
- Ability to apply knowledge and influence other functions regarding best practices or impacts to other processes
- Identify compliance-related issues both internally and externally.
- Implement and modify security roles utilizing internal control change review proces
- Strong understanding of Information Security Management principles, Oracle EBS or Oracle Cloud application security implementation methodologies and role-based access controls.
- Bachelor’s degree in Information Security, Information Technology or equivalent experience.
- Minimum of 3 years of security, segregation of duties, mitigating control development and related testing.
- Experience implementing processes and controls for relevant regulatory requirements including Sarbanes Oxley, GDPR and PCI Compliance
- Ability to work independently and in team setting
- Ability to apply governance rules to access control requests
- Ability to adjust to changing priorities, circumstances and personal interaction styles
- Strong customer service and interpersonal skills necessary to build and maintain relationships and interact well across all levels
- Exhibit strong communication, collaboration and conflict management skills to establish and maintain relationships with IT, business functions and auditors
- Develop risk mitigation strategies and oversee remediation efforts for issues identified during audits or through other risk management efforts.
- Knowledge of RBAC and Governance, Risk and Compliance (GRC)
- Oracle Fusion - HCM and/or ERP Cloud modules, GRC module
Thursday, May 7, 2020