Principal Regulatory Compliance Specialist

Principal Regulatory Compliance Specialist

Join to apply for the Principal Regulatory Compliance Specialist role at Oracle.

Assists and supports the organization in complying with, as well as the ongoing preparation, testing and monitoring of conformance to, the requirements of government regulations and/or regulatory agencies specific to Information security requirements.

Leading contributor individually and as a team member, providing direction and mentoring to others. Work is non routine and very complex, involving the application of advanced technical/business skills in area of specialization. Ability to travel. 6 plus years' experience. BA/BS or advanced degree preferred. 5 7 years work in governance and compliance for a large corporation. Preferred candidate with certification CISA, CISM, and CISSP. Strong knowledge of IT and/or quality auditing and controls, preferable with NCA CCC, ECC, DESC, SOX, SSAE 16 - SOC 1 & SOC 2, PCI compliance, ISO 27001 & ISO 27002 and/or ISO 9001. Knowledge and understanding of the delivery process for validated systems; specifically, Computer System Validation process or CSV. Have an understanding of security and/or quality management system standards and risk management. Experience working in Information Technology, Cloud or managed hosting services. Excellent written and verbal communication skills. Ability to adjust and adapt to changing priorities in a dynamic environment. Technical acumen and the ability to understand and interpret technical specifications. Technical knowledge of Oracle cloud infrastructure components. Project Management skills.

Responsibilities

Performs evaluation of internal operations, controls, communications, risk assessments and maintenance of documentation as related to regulatory compliance and recommends appropriate changes. Conducts and facilitates internal and external audits to identify, evaluate, disclose and appropriately remedy risks and deficiencies. Coordinates the preparation of and may prepare document packages for regulatory submissions from all areas of company as well as for internal and external audits and inspections. May serve as point of contact for interactions with regulatory agencies for defined matters. Management systems. Review specifications. Develop training for cloud services, on industry regulatory specifications applicable to their products and services. Identify industry requirements applicable to OCI, and work with members of OCI Service teams and operations teams to incorporate applicable industry regulatory standards, Oracle security and/or quality policies and customer contractual obligations into OCI processes and standards. Coordinate industry and regulatory certifications, including managing certification vendors (e.g., NCA CCC ECC, ISO, GSMA, SOC). Build management level metrics and reporting for activities that are owned by the Risk Manager. Execute a vendor security and/or quality management program.

Qualifications

Career Level - IC4. 6+ years of experience in governance and compliance for a large corporation, with strong knowledge of IT and quality auditing controls, including NCA CCC, ECC, DESC, SOX, SSAE 16 - SOC 1 & SOC 2, PCI, ISO 27001, ISO 27002, ISO 9001. Preferred certifications: CISA, CISM, CISSP. Advanced degree preferred. Excellent written and verbal communication skills. Ability to adjust to changing priorities in a dynamic environment. Technical acumen and knowledge of Oracle cloud infrastructure components. Project Management skills. Ability to travel.

The Oracle Equal Employment Opportunity Employer statement and reference to legal compliance are withheld here for brevity, ensuring full EEO disclosure is available in the original posting.

Equal Employment Opportunity Statement

Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans' status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law.