[Remote] Security Analyst 4

Note: The job is a remote job and is open to candidates in USA. Oracle is a world leader in cloud solutions, and they are seeking a Security Analyst 4 to enhance their information security posture. The role involves developing programs to reduce security risks, managing compliance with industry standards, and responding to security incidents. Responsibilities • Supports the strengthening of Oracle’s security posture, focusing on one or more of the following: risk management; regulatory compliance; threat and vulnerability management; incident management and response; security policy development and enforcement; privacy; information security education, training and awareness (ISETA); digital forensics and similar focus areas • Risk Management: Brings advanced level skills to assess the information security risk associated with existing and proposed business operational programs, systems, applications, practices and procedures in very complex, business-critical environments. May conduct and document very complex information security risk assessments. May assist in the creation and implementation of security solutions and programs • Regulatory Compliance: Brings advanced level skills to manage programs to establish, document and track compliance to industry and government standards and regulations, e.g. ISO-27001, PCI-DSS, HIPAA, FedRAMP, GDPR, etc. Researches and interprets current and pending governmental laws and regulations, industry standards and customer and vendor contracts to communicate compliance requirements to the business. Participates in industry forums monitoring developments in regulatory compliance • Threat and Vulnerability Management: Brings advanced level skills to research, evaluate, track, and manage information security threats and vulnerabilities in situations where in-depth analysis of ambiguous information is required • Incident Management and response: Brings advanced level skills to respond to security events, identifying possible intrusions and responding in line with Oracle incident response playbooks. May operate as Incident Commander on serious incidents • Digital Forensics: Brings advanced level skills to conduct data collection, preservation and forensic analysis of digital media independently, where an advanced understanding of forensic techniques is required • Other areas of focus may include duties providing advanced level skills and knowledge to manage Information Security Education, Training and Awareness programs. In a Corporate Security role, may manage the creation, review and approval of corporate information security policies • Mentors and trains other team members • Compiles information and reports for management Skills • 6 to 10+ years of experience in information security • Ability to read, write, and speak English • Advanced level skills in risk management, regulatory compliance, threat and vulnerability management, incident management and response, digital forensics, and information security education, training and awareness • Experience conducting and documenting complex information security risk assessments • Experience managing compliance programs to industry and government standards and regulations (e.g., ISO-27001, PCI-DSS, HIPAA, FedRAMP, GDPR) • Ability to research and interpret governmental laws and regulations, industry standards, and customer and vendor contracts • Experience responding to security events and operating as Incident Commander on serious incidents • Ability to conduct data collection, preservation, and forensic analysis of digital media • Experience mentoring and training team members • Ability to compile information and reports for management Benefits • Medical, dental, and vision insurance, including expert medical opinion • Short term disability and long term disability • Life insurance and AD&D • Supplemental life insurance (Employee/Spouse/Child) • Health care and dependent care Flexible Spending Accounts • Pre-tax commuter and parking benefits • 401(k) Savings and Investment Plan with company match • Paid time off: Flexible Vacation is provided to all eligible employees assigned to a salaried (non-overtime eligible) position. Accrued Vacation is provided to all other employees eligible for vacation benefits. For employees working at least 35 hours per week, the vacation accrual rate is 13 days annually for the first three years of employment and 18 days annually for subsequent years of employment. Vacation accrual is prorated for employees working between 20 and 34 hours per week. Employees working fewer than 20 hours per week are not eligible for vacation. • 11 paid holidays • Paid sick leave: 72 hours of paid sick leave upon date of hire. Refreshes each calendar year. Unused balance will carry over each year up to a maximum cap of 112 hours. • Paid parental leave • Adoption assistance • Employee Stock Purchase Plan • Financial planning and group legal • Voluntary benefits including auto, homeowner and pet insurance Company Overview • NetSuite is cloud computing company dedicated to delivering business applications over the internet. It was founded in 1998, and is headquartered in Redwood Shores, California, USA, with a workforce of 10001+ employees. Its website is Apply tot his job