Given the breadth and complexity of the hundreds of products and services developed and provided by Oracle, there are many vastly different attributes (including education,
skills, knowledge, experience, and abilities) required for specific roles within this job code. Consult with your manager about the specific expectations for your role and career
progression within your organization.
Description
Manage a team that is responsible for the information security function, including but not limited to information technology security controls and architecture, information privacy, incident response/investigations and digital forensics, disaster recovery and business continuity, regulatory compliance, communication and training for information security initiatives.
Responsibilities
Leads a small team maintaining and/or implementing information security policies and procedures.
Supervises the development, deployment and execution of controls and defenses to ensure the security and risk mitigation of company infrastructure technology and information systems.
Identifies security architecture, goals, objectives and metrics; analyzes business needs and priorities for protection of critical systems.
Monitor security programs and assurance, e.g. threat and vulnerabilities management, incident response management, management of forensic investigations.
Evaluates potential business impacts from security breaches and provides guidance to business decision-makers.
Assists with the development and execution of security systems compliance policies and procedures. Selects, develops and evaluates personnel to ensure the efficient operation of the function.
Qualifications
Minimum 6-10+ years experience in the Information Security field required.
Preferred but not required qualifications include:
Bachelor-level university degree in a relevant field from an accredited university, or equivalent.
Previous experience as dotted line manager, vendor manager, employee mentor or technical lead.
Preferred Certifications:
CISSP, CISM, CEH, etc
Career Level - M3
Manages a team maintaining and/or implementing information security policies and procedures.
Manages the development, deployment and execution of controls and defenses to ensure the security and risk mitigation of company infrastructure technology and information systems.
Identifies security architecture, goals, objectives and metrics; analyzes business needs and priorities for protection of critical systems.
Manage security programs and assurance, e.g. threat and vulnerabilities management, incident response management, management of forensic investigations.
Evaluates potential business impacts from security breaches and provides guidance to business decision-makers.