Oracle Application Security Analyst

Summary:

The Oracle Application Security Analyst is an essential member of the governance and program management team within Willis Towers Watson Corporate Platforms.  This team is responsible for management and delivery of the entire portfolio of projects within Corporate Applications, a scope which encompasses Oracle EBS/ERP applications, Business Intelligence and data warehouse deployments, Finance and HR-related reporting projects.

The role requires a combination of strong functional and technology background, leadership skills, analytical skills and business acumen in order to manage key relationships between internal Business Sponsors and Corporate platform team, ensuring that the delivery of technology solutions complies fully with leading practices and internal firm policies, while supporting Organization strategy and objectives.

Role:

• Point of contact for all Corporate Platforms Oracle HCM and EBS R12 security and control support. 
• Evaluate Oracle security operational design and effectiveness throughout key business process cycles 
• Lead Corporate Platforms ERP application Security project.
• Maintain adequate relationship with the Corporate business team to identify opportunities for improvement in security and controls within Oracle on-premises and cloud environments.
• Provides and review ongoing SOC/SOX assessment metrics and questionnaires for leadership consumption at all levels in the organization. 
• Design, advise, test, implement and document security access model and align segregation of duties and security profiles.
• Works with the IT senior leadership team on the service portfolio and governance required to prioritize resources.
• Lead, train and supervises team members in Oracle security best practice using OUM.
• Manage project engagements at a high level and assist with a wide range of innovative by leveraging risk-based approach.
• Form, and enable, regular engagement between Corporate Platforms security and cybersecurity team.
• Be proactive in understanding internal security policy and guiding its application within the context of Corporate Platforms.
• Conversant with Industry best practice and WTW cloud/platform Information Security Policy.
• Helps ensure compliance with and responsiveness to Internal Audit requirements.

Requirements:

• Minimum of 5 years’ experience in implementing and supporting Oracle EBS R12, Oracle Cloud (Finance/ HCM) security.
• 2-3 years of experience leading security design and Implementation in large and complex projects.
• Advance knowledge and understanding of OTBI Administration.
• Understanding of various functional areas within Oracle EBs R12 and Oracle Cloud (HCM, Financial models).
• Proven capabilities in addressing compliance and security concerns in a global environment.
• Understanding of risk management, business continuity and quality assurance, 
• Knowledge of Security Operations and Cloud Platform (SaaS, IaaS and PaaS).
• Experience working with development teams to ensure controls are integrated into applications, and with analyst teams to ensure controls are integrated into functional processes.
• Ability to monitor, analyze and identify functional security gaps, analyze alerts information from all approved security devices, collection techniques and designated system logs.
• In-depth understanding of diverse information systems, compliance requirements, and computer systems.
• CISA, CISSP, or related cloud-based security certifications, not required, but preferred 
• BS/BA degree in a relevant Business or Information Technology area.
• Exceptional written and oral communication skills, with a demonstrated ability to form alliances, collaborate with internal clients, and fulfill business needs.
• Experience developing business cases, requirements documentation, test plans, status reports. 
• A strong understanding of PL/SQL, SDLC methodologies, including Waterfall and Agile, is a plus.