Full Job DescriptionCome join the fastest growing Cloud organization with world-class engineering and laser focus on excellence.
Oracle’s extensive enterprise customer base is looking for rock-solid cloud solutions that provide the same reliability and effectiveness that they have come to expect from Oracle. Oracle Cloud Infrastructure (OCI) provides highly cost effective and high performance IaaS & PaaS Cloud solutions to its customer and they come to expect industry-leading security and compliance programs, creating a stable and highly-effective foundation for their workloads and an infrastructure that meets their security and compliance needs.
We are looking for a Regulatory Compliance Senior Manager who is looking to grow their career in Cloud. You will be responsible for leading scalable audit programs to support Oracle Cloud Infrastructure’s growth in regulated markets within the APAC region.
Functions include:
Manage and grow a team of regulatory compliance specialists who plan, manage, lead, and execute multiple audit programs within OCI with third-party auditors
Manage a team responsible for providing high quality, professional day-to-day execution of audit engagements
Implement strategy and guidance for the compliance and assurance team and directing and empowering the team members’ efforts and specific outputs, including maintenance of current and obtaining new compliance and regulatory assurance reports
Manage and grow the team to encompass collaboration and engagement within the Oracle Cloud Compliance Assurance team and other OCI teams
Evaluate the effectiveness of controls and corresponding evidence in alignment with audit framework requirements
Provide high quality, professional day-to-day execution of audit engagements
Own interactions with third party auditors that exhibit control understanding and confidence
Ability to communicate in remote working environments over video, phone, email, and other tools
Provide clear expectations and direction to security and engineering teams within OCI on audit requirements
Review audit evidence from the businesses within OCI and analyze for auditor consumption
Communicate within the team autonomously and drive communication across partner teams
Drive project scheduling, tracking, and communications up to executive level management
Own decision making and can prioritize projects based on business need
Build, manage, and enhance the efficiency of audit programs as the business scales
Collaborate with subject matter experts to refine operating processes to increase the value and scale of our audit programs and decrease the operational impact to OCI
The ideal candidate will have the following skills:
8+ years audit program management experience with either a “Big 4� accounting firm, or a mid-level accounting firm.
6+ years team management experience
4+ years mentoring and coaching junior staff members
4+ years of above experience in the IT or Cloud industry is preferred
Knowledge of industry and regulatory frameworks is preferable, such as, DESC, OSPAR, IAR, ADISS, MeitY, FSI Korea, ISMS Korea
Demonstrates ability to identify problem areas in a program and build projects to correct, enhance, reduce the impact of those issues
Proven ability to combine business acumen, technical acumen and process expertise to define client (internal/external) engagement and program execution
Proven ability to influence & gain buy-in at multiple levels, across divisions, functions and cultures; comfort working with executive level management
Demonstrated ability to achieve results through cross-functional, virtual teams
Possess ability to explain complex auditing topics to audiences with no auditing experience
Ability to prioritize, manage, and deliver on multiple projects simultaneously and partner with management in support of key initiatives and projects
Strong bias toward action, flexible, resourceful, and able to operate effectively within a dynamic, fast-paced environment
Superior communication skills (interpersonal, verbal, presentation written, email, tickets, etc.)
JIRA and Confluence experience strongly preferred
Display a demonstrated ability to think broadly and strategically
Maturity, judgment, negotiation/influence skills, analytical skills, and leadership skills
Team leadership expertise
Attention to detail, proven analytical and problem-solving skills
Bachelor’s degree or equivalent experience
PMP, PgMP, CISA, CISM, CISSP, CIPP, desired
Manages the ongoing preparation, testing, and monitoring of compliance with information security standards and government regulations and regulatory agencies as it relates to the design, development, and deployment of products and services.
The Senior Manager, Risk Management and Regulatory Compliance, will coordinate closely with operations teams which may include Global Business Units, Corporate Security, and with Oracle Legal. Responsibilities include developing and maintaining comprehensive information security and regulatory oversight program, including standards for product and service design aligned with Oracle Software Security Assurance and Security Architecture Review standards. Will be responsible for managing information security risks and managing compliance team. Will educate through training members on information security and industry regulatory standards applicable to their products and services. Work with respective teams which may include GBU development, operations, and service, to incorporate applicable industry regulatory standards, Oracle security policies and customer-contractual obligations into processes and standards. Work with Corporate Security and Business Assessment and Audit to evaluate product and service line security and regulatory compliance on an ongoing basis. Work with Legal to evaluate changes in applicable laws and regulations and impact on products and services. Work with Corporate Development and Legal to evaluate potential acquisitions for regulatory issues. Administrate industry and regulatory certifications, including managing certification vendors (e.g., PCI, HIPAA, HITECH, ISO).
Manages and controls activities in multi-functional areas or sections. Ensures appropriate operational planning is effectively executed to meet Corporate specifications. Prior experience in large corporation or major law firm preferable. Deep understanding of hardware, software, Internet/cloud services security standards and practices. 3 – 5 years in regulated industry compliance and oversight. Bachelor degree; law or other graduate degree applicable to regulatory oversight preferable.
Innovation starts with inclusion at Oracle. We are committed to creating a workplace where all kinds of people can be themselves and do their best work. It’s when everyone’s voice is heard and valued, that we are inspired to go beyond what’s been done before. That’s why we need people with diverse backgrounds, beliefs, and abilities to help us create the future, and are proud to be an affirmative-action equal opportunity employer.
Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans status, age, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law.