Principal Information Security Compliance Analyst

Principal Information Security Compliance Analyst

Join Oracle to apply for the Principal Information Security Compliance Analyst role.

The successful candidate will maintain, monitor, and support FedRAMP and DoD cloud authorizations for U.S. government agencies and subcontractors. The Analyst champions continuous authorization upkeep‑keeping documentation, processes, and policies current and effective.

• Experience with FedRAMP and Department of Defense (DoD) Risk Management Framework (RMF) and risk assessment tools.
• Detailed understanding of the NIST 800-53 control catalog, FedRAMP SAF, and DoD Cloud Computing Security Requirements Guide (SRG).
• Working experience with DISA Security Technical Implementation Guides (STIGs).
• Thorough understanding of the latest security principles, techniques, and protocols.
• Fundamental knowledge of security systems, including firewalls, IDS, antivirus software, authentication systems, log management, and content filtering.
• Ability to communicate security issues to peers, management, customers, and end‑users.
• Excellent problem‑solving skills and ability to work under pressure.
• U.S. citizenship with eligibility to obtain a U.S. security clearance.

• Working knowledge of production information systems in a global IaaS/PaaS/SaaS environment.
• Familiarity with web‑related technologies (web applications, web services, SOA) and related protocols.
• Knowledge of application security standards and requirements.
• Fundamental understanding of OWASP Top‑10.
• Experience in risk, information security, business continuity, quality, and environmental management.
• Strong multi‑tasker with keen attention to detail.
• Organized and thrives in fast‑paced, high‑stress scenarios.

• Manage and maintain FedRAMP, DoD RMF, and other U.S. cloud authorization initiatives.
• Design, develop, and maintain information security processes and documentation, including the Systems Security Plan (SSP) for FedRAMP.
• Manage and monitor progress against commitments for remediation activities and action items in a POA&M.
• Support, facilitate, and engage with auditors and business teams during certification audits.
• Maintain business relationships with stakeholders on information security requirements.
• Organize, integrate, and build synergy across compliance programs to facilitate compliance with statutory, regulatory, contractual, and standard requirements.

• Provide expertise on information security and business continuity projects.
• Manage document reviews and approval workflows.
• Collaborate with regional business units to ensure practical plans are in place.
• Conduct risk assessments of assets, projects, and processes in SaaS and IaaS environments.

U.S. citizen; eligible for U.S. security clearance. The role may require compliance with applicable occupational health mandates and vaccination requirements.

U.S.:
Hiring range $104,200 – $223,400 per year. Candidates may be eligible for bonus and equity.

Oracle offers a comprehensive benefits package, including:

• Medical, dental, and vision insurance.
• Short‑term and long‑term disability insurance.
• Life insurance and AD&D.
• Supplemental life insurance for employees, spouses, and children.
• Health care and dependent care flexible spending accounts.
• Pre‑tax commuter and parking benefits.
• 401(k) savings and investment plan with company match.
• Paid time off, including vacation, sick leave, and paid parental leave.
• Adoption assistance.
• Employee Stock Purchase Plan.
• Financial planning and group legal services.
• Voluntary benefits such as auto, homeowner, and pet insurance.

Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability, or protected veteran status. Oracle will consider applicants with arrest and conviction records pursuant to applicable law.