Senior ERP Security Administrator

About The Position

Requirements

• Bachelor’s degree
• Four years of work-related experience
• Expertise in Oracle ERP security architecture and administration, and an understanding of Banner ERP security architecture and administration
• Knowledge of higher education compliance frameworks (FERPA, HIPAA, GLBA, PCI-DSS, NIST 800-171)
• Strong understanding of user administration for ERP systems
• Ability to perform ERP security audits, risk assessments, and role-based access reviews
• Hands-on experience with role provisioning, security policies, and access controls in Oracle ERP, and knowledge of Banner ERP
• Strong analytical and troubleshooting skills for ERP security access and role conflicts
• Effective communication and collaboration skills for working with university IT, administrative, and compliance teams
• Familiarity with security automation tools, monitoring solutions, and audit logs in ERP environments

Responsibilities

• Develop, implement, and manage security policies and access controls for ERP systems at Rice University
• Ensure ERP security aligns with university policies, compliance requirements, and IT governance frameworks
• Administer role-based access control (RBAC), enforcing least privilege and segregation of duties (SoD)
• Monitor ERP security logs, access activities, and potential security threats, escalating issues as needed
• Collaborate with university departments (Finance, HR, IT, Compliance) to ensure secure ERP configurations
• Conduct periodic user access reviews and security audits to maintain compliance with regulatory standards
• Work with external auditors and regulatory bodies to ensure ERP security meets required standards
• Provide guidance on security best practices to university staff, faculty, and administrators
• Assist in ERP system upgrades, migrations, and integrations, ensuring security remains a priority
• Research and recommend security tools and enhancements for ERP systems at Rice University
• Collaborate with Rice ERP teams to define policies, procedures, and architecture for ERP systems
• Support data governance initiatives by enforcing ERP data security and access management policies
• Work with external vendors and consultants to improve ERP security configurations and audits
• Collaborate with system and service owners to define and manage ERP security roles, profiles, and permissions to protect sensitive university data
• Conduct security risk assessments and access reviews, ensuring compliance with FERPA, HIPAA, GLBA, and PCI-DSS
• Work with system and service owners to configure, document, and maintain security policies within Rice ERP systems, including the management of user provisioning and de-provisioning
• Ensure data security, encryption, and role-based access compliance across ERP applications
• Collaborate with Rice University IT security teams to integrate ERP security with broader cybersecurity initiatives
• Respond to and investigate security incidents, unauthorized access, and compliance violations
• Develop security training materials and provide awareness programs for ERP users across the university
• Audit to ensure ERP security settings remain up to date with patches, upgrades, and best practices