Oracle Health Client Advocacy and Compliance Strategy (CACS) under Security and Compliance Organization focuses on protecting client healthcare data through secure healthcare applications, networks, and communications as it relates to clients’ regulations, standards, policies, and operational mandates. We manage client relationships to strategize, prioritize and meet contractual obligations for security compliance. CACS has an opportunity available for an experienced energetic, motivated, cyber security analyst to support our federal and commercial customers. The successful candidate will be responsible for providing security analysis and Cybersecurity support for our federal clients. The cyber security analyst has experience with NIST 800-37,” Guide to Applying Risk Management Framework to Federal Information Systems,” NIST 800-53rev5 “Security and Privacy Controls for Information Systems and Organizations,” and NIST 800-171, “Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations,” Cyber Security Policy and security engineering principles. The successful candidate must be well versed in applicable laws and standards such as HIPPA, HITECH, and NIST 800-53, NIST 800-171 to implement secure applications, and networks. They must have familiarity and experience in the implementation of cyber security requirements to follow FISMA and FedRAMP guidelines.
Essential Functions and Job Responsibilities:
Duties and responsibilities may include, but are not limited to:
- Assess the Cyber Security risk of application, technologies and networks migrating to Oracle Cloud Infrastructure and documenting in formal risk assessments and supporting artifacts associated with the Federal Assessment and Authorization process
- Identify security risks through the security impact analysis and system risk assessments
- Apply knowledge of security principles, policy, and regulations to daily tasking
- Provide IT security engineering support to cross-functional project teams to ensure that security policies, processes, and controls are adhered to, planned for, and implemented throughout the project lifecycle
- Knowledgeable working in the FedRAMP cloud environment understanding IaaS, PaaS, and SaaS in regard to cloud service provider security control responsibilities and customer responsibilities
- Effectively and efficiently communicate and collaborate with external and internal customers to analyze and monitor a project’s security posture and status
- Able to lead a small team of security analyst and / or tasks
- Effectively following-up with key project team members
- Engage with client on security matters
- Able to be task lead to small team of Cyber Security Analysts to provide deliverables and services to government client.
Career Level - IC4