Principal Information Security Compliance Analyst

Oracle•Nashville, TN

62d

About The Position

Successful candidate will be responsible for maintaining, monitoring and supporting FedRAMP and DoD cloud authorization supporting US government agencies and their subcontractors. The Information Security Compliance Analyst is expected to champion the upkeep of authorization throughout the business, working with others to ensure documentation is kept up-to-date and processes and policies are appropriate. As a world leader in cloud solutions, Oracle uses tomorrow's technology to tackle today's challenges. We've partnered with industry-leaders in almost every sector-and continue to thrive after 40+ years of change by operating with integrity. We know that true innovation starts when everyone is empowered to contribute. That's why we're committed to growing an inclusive workforce that promotes opportunities for all. Oracle careers open the door to global opportunities where work-life balance flourishes. We offer competitive benefits based on parity and consistency and support our people with flexible medical, life insurance, and retirement options. We also encourage employees to give back to their communities through our volunteer programs. We're committed to including people with disabilities at all stages of the employment process. If you require accessibility assistance or accommodation for a disability at any point, let us know by emailing [email protected] or by calling +1 888 404 2494 in the United States. Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans' status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law.

Requirements

Experience with FedRAMP and Department of Defense (DoD) Risk Management Framework (RMF) and risk assessment tools
Detailed understanding of the NIST 800-53 control catalog, FedRAMP Security Assessment Framework (SAF), and DoD Cloud Computing Security Requirements Guide (SRG)
Working experience with DISA Security Technical Implementation Guides STIGs
Thorough understanding of the latest security principles, techniques, and protocols
Fundamental understanding of security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc.
Ability to communicate security issues to peers, management, customers, and end-users
Excellent problem-solving skills and ability to work under pressure
US Citizens with ability to obtain a US security clearance

Nice To Haves

Working knowledge of production information system in a global IaaS, PaaS, SaaS environment
Familiarity with web related technologies (Web applications, Web Services, Service Oriented Architectures) and of network/web related protocols
Knowledge of standards and requirements with application security
Fundamental Understanding of the OWASP (Open Web Application Security Project) top 10
Knowledge and expertise in disciplines/ business functions and projects of risk, information security, business continuity, quality and environment management
A strong multi-tasker with a keen eye for detail
Organized and thrive in fast-paced, high-stress scenarios