Security Architecture Specialist 5

Provides advanced level skills and knowledge in the design and review of secure networks, applications, systems, infrastructure, environments and security systems, ensuring  requirements are in line with Corporate information security policies and processes, as well as Line of Business (including Cloud) security standards. 

The Deputy Corporate Security Architect will assist the Corporate Security Architect in all aspects of the office’s current responsibilities with a primary focus on corporate security solution assurance and be capable of functioning as the CSA’s designated alternate when necessary.

The Deputy Corporate Security Architect will report to the Oracle Corporate Security Architect.

Responsibilities include helping set internal information security technical direction while advising and guiding Oracle’s IT departments and lines of business towards deploying information security architectures, solutions, and best practices that advance Oracle's corporate Information Security goals.

The Deputy Corporate Security Architect works closely with all major organizational elements comprising Corporate Security to architect, develop, communicate, and document a corporate information security architecture strategy. The collaboration across the Corporate Security landscape shall include Global Information Security, Global Product Security, Global Physical Security, Privacy & Security Legal, the security leads of Oracle's IT organizations, major lines of business leadership, and designated Information Security Managers.

The Deputy Corporate Security Architect, in working directly with the Corporate Security Architect will:

·         Collaborate with Cloud Development and Operations, IT Security and Risk Management teams, and the Global Business Unit (GBU) organizations' on the development and maintenance of cloud security reference architectures.  This is to include the assessment of specific security-related infrastructure, consulting on architecture and design improvements, and working with delivery organizations to carry them out.  Leverage architecture governance oversight to ensure that cloud security reference architecture patterns are reused to reduce risk, costs, and complexity.

·         Review security-related technical aspects of proposed key initiatives as part of Corporate Security Solution Assurance Process (CSSAP) sign-off. 

·         Guide Cloud, IT, major lines of business and GBU security leads in aligning initiatives with corporate information security goals throughout the project life cycle - from inception through implementation.

·         Work with Oracle Product Development and the IT organizations to drive secure implementations of Oracle technologies within Oracle internally, and to enhance Oracle product security capability to meet internal operational needs.

·         Lead efforts to train and guide the usage of Enterprise Architecture methodologies and frameworks to better align security initiatives across the business and IT landscapes. 

 

Skills, Experience, and Qualifications

·         10+ years of information security experience that includes security architecture design and assessment responsibilities.

·         Practical knowledge of information security systems and secure solution architecture principles and best practices. 

·         Practical knowledge of cloud architecture to include Software as a Service (SaaS), Platform as a Service (PaaS) and Infrastructure as a Service (IaaS).  Must understand security implications from both a cloud provider and tenant perspectives.

·         Practical knowledge of the technology and architectural components of Oracle cloud services and capabilities highly preferred. Must understand business systems, automation services, and life-cycle internals for cloud services. Exposure to Oracle cloud operations and release management a plus.

·         Practical knowledge of virtualization, service-oriented architecture, identity management as a service technologies as well as emerging technologies such as software defined networking (SDN) and software defined data centers, micro-services, and containers are highly desirable 

·         Strong knowledge of Oracle products and solutions

·         Proven strong interpersonal and leadership skills; ability to handle the challenges inherent in driving inter-organizational projects to a timely conclusion.

·         Managing and moderating meetings and workshops with cross functional teams 

·         Multi-task and time-manage concurrent projects and initiatives

·         Proven thought leadership and program or project management experience

·         Excellent verbal and written communication skills

·         Develop technical documentation, architecture, process, and other artifacts

·         Objectively identify concerns across business, technical, operations, and customer perspectives

·         Ability to lead change

·         Leadership and motivational skills

·         Promoting business ethics

·         Conflict management and resolution skills

·         Critical thinking and problem-solving mentality

·         Organizational awareness and sensitivity

·         Process orientation

·         Keen understanding of business drivers and needs

Minimum of 12 years related experience in an information security role supporting security programs and security engineering/architecture in complex enterprise environments. Hands on experience with enterprise security architecture, engineering and implementation required.
Knowledge of compliance program security controls, like ISO 27001, SOC 2, HITRUST, and FedRAMP, as applied to cloud SaaS, PaaS and IaaS operations.
Familiarity with SDLC principles and scripting & programming languages (such as Terraform, Python, and Ruby).
Expert level knowledge of:  Cloud architecture and security principles.  Risk Management Frameworks.  *nix and Windows system administration.
Preferred but not required qualifications include:
Bachelor-level university degree in a relevant field from an accredited university, or equivalent. 
Expert level knowledge of web technologies, middleware, database, OS, firewalls, network communication protocols and methods.
Knowledge of database security principles.
Strong knowledge of encryption technologies and architectures.
Experience with identity management principles and technology.
Experience developing security architecture strategies that align to enterprise architecture strategy and the company's business strategy.
Current CISSP, CISM, or the equivalent.

As a world leader in cloud solutions, Oracle uses tomorrow’s technology to tackle today’s problems. True innovation starts with diverse perspectives and various abilities and backgrounds.

When everyone’s voice is heard, we’re inspired to go beyond what’s been done before. It’s why we’re committed to expanding our inclusive workforce that promotes diverse insights and perspectives.

We’ve partnered with industry-leaders in almost every sector—and continue to thrive after 40+ years of change by operating with integrity.

Oracle careers open the door to global opportunities where work-life balance flourishes. We offer a highly competitive suite of employee benefits designed on the principles of parity and consistency. We put our people first with flexible medical, life insurance and retirement options. We also encourage employees to give back to their communities through our volunteer programs.

We’re committed to including people with disabilities at all stages of the employment process. If you require accessibility assistance or accommodation for a disability at any point, let us know by calling +1 888 404 2494, option one.

Disclaimer:

Oracle is an Equal Employment Opportunity Employer*. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans’ status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law.

* Which includes being a United States Affirmative Action Employer