• Third Party Criticality & Resiliency Expert

    OracleSacramento, CA 94278

    Job #2743534035

  • Job Description

    Strategic Planning

    • Develop and implement strategic plans to assess and enhance third party criticality and resiliency.

    • Identify and prioritize critical third party's based on their impact on Oracle's operations and supply chain.

    • Establish and maintain a framework for continuous monitoring and improvement of third party resiliency and criticality.

    Risk Assessment and Management

    • Ensure comprehensive risk assessments of key third party's business continuity and resiliency plans are undertaken by Lines of Business.

    • Identify vulnerabilities and develop mitigation strategies to address potential disruptions.

    • Collaborate with Lines of Business and these to Third-Parties to ensure alignment with Oracle's risk management and resiliency standards.

    Third Party Due Diligence and Audits

    • Conduct thorough due diligence reviews on new and existing Third Party's to verify compliance with resiliency and criticality requirements.

    • Oversee regular audits of Third Party risk management practices, business continuity plans, and criticality assessments.

    • Ensure Third Party adherence to contractual obligations related to resiliency and criticality.

    Collaboration and Stakeholder Engagement

    • Work collaboratively x-LoB to integrate third party criticality and resiliency into broader business strategies.

    • Act as the primary GIS point of contact for third party resiliency and criticality issues and coordinate with third party's on improvement initiatives.

    • Communicate insights, findings, and recommendations to senior management and key stakeholders.

    Incident Response and Recovery

    • Lead the development and testing of incident response and recovery plans involving critical third party's.

    • Coordinate and manage responses to incidents affecting critical third party's and the supply chain.

    • Analyze the impact of disruptions on the supply chain and implement corrective actions.

    Continuous Improvement and Innovation

    • Stay updated on industry trends, regulatory changes, and good practices in third party resiliency and criticality.

    • Drive continuous improvement initiatives to enhance third party risk management and resiliency programs.

    • Innovate and implement new tools, technologies, and methodologies to improve third party resiliency and criticality assessments.

    Career Level - IC5

    Responsibilities

    Supports the strengthening of Oracle's security posture, focusing on one or more of the following: risk management; regulatory compliance; threat and vulnerability management; incident management and response; security policy development and enforcement; privacy; information security education, training and awareness (ISETA); digital forensics and similar focus areas.

    Risk Management: Brings expert level skills to assesses the information security risk associated with existing and proposed business operational programs, systems, applications, practices and procedures in very highly complex, business-critical environments that may span business units. May conduct and document very highly complex information security risk assessments. May assist in the creation and implementation of security solutions and programs.

    Regulatory Compliance: Brings expert level skills to manage programs to establish, document and track compliance to industry and government standards and regulations, e.g. ISO-27001, PCI-DSS, HIPAA, FedRAMP, GDPR, etc. Researches and interprets current and pending governmental laws and regulations, industry standards and customer and vendor contracts to communicate compliance requirements to the business. Recognized leader in industry forums monitoring developments in regulatory compliance.

    Threat and Vulnerability Management: Brings expert level skills to research, evaluate, track, and manage information security threats and vulnerabilities in situations where in-depth analysis of ambiguous information is required. Develops new tools and methodologies to carry out analysis, and trains others in their use.

    Incident Management and response: Brings expert level skills to respond to security events, identifying possible intrusions and responding in line with Oracle incident response playbooks. May operate as Incident Commander on serious incidents. May develop new tools and methodologies to carry out analysis, and trains others in their use.

    Digital Forensics: Brings expert level skills to conduct data collection, preservation and forensic analysis of digital media independently, where an advanced understanding of forensic techniques is required. Develops new tools and methodologies to carry out analysis, and trains others in their use.

    Other areas of focus may include duties providing expert level skills and knowledge to manage Information Security Education, Training and Awareness programs. In a Corporate Security role, may manage the creation, review and approval of corporate information security policies.

    Mentors, trains and supervises other staff.

    Compiles information and reports for management.

    Provides expert level guidance regarding information security methods, standards and best practices related to business operational programs, practices and procedures.

    Disclaimer

    Certain US customer or client-facing roles may be required to comply with applicable requirements, such as immunization and occupational health mandates.

    Range and benefit information provided in this posting are specific to the stated locations only

    US: Hiring Range: from $117,800 to $251,600 per annum. May be eligible for bonus, equity, and compensation deferral.

    Oracle maintains broad salary ranges for its roles in order to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect Oracle's differing products, industries and lines of business.

    Candidates are typically placed into the range based on the preceding factors as well as internal peer equity.

    Oracle US offers a comprehensive benefits package which includes the following

    1. Medical, dental, and vision insurance, including expert medical opinion

    2. Short term disability and long term disability

    3. Life insurance and AD&D

    4. Supplemental life insurance (Employee/Spouse/Child)

    5. Health care and dependent care Flexible Spending Accounts

    6. Pre-tax commuter and parking benefits

    7. 401(k) Savings and Investment Plan with company match

    8. Paid time off: Flexible Vacation is provided to all eligible employees assigned to a salaried (non-overtime eligible) position. Accrued Vacation is provided to all other employees eligible for vacation benefits. For employees working at least 35 hours per week, the vacation accrual rate is 13 days annually for the first three years of employment and 18 days annually for subsequent years of employment. Vacation accrual is prorated for employees working between 20 and 34 hours per week. Employees working fewer than 20 hours per week are not eligible for vacation.

    9. 11 paid holidays

    10. Paid sick leave: 72 hours of paid sick leave upon date of hire. Refreshes each calendar year. Unused balance will carry over each year up to a maximum cap of 112 hours.

    11. Paid parental leave

    12. Adoption assistance

    13. Employee Stock Purchase Plan

    14. Financial planning and group legal

    15. Voluntary benefits including auto, homeowner and pet insurance

    The role will generally accept applications for at least three calendar days from the posting date or as long as the job remains posted.

    About Us

    As a world leader in cloud solutions, Oracle uses tomorrow's technology to tackle today's problems. True innovation starts with diverse perspectives and various abilities and backgrounds.

    When everyone's voice is heard, we're inspired to go beyond what's been done before. It's why we're committed to expanding our inclusive workforce that promotes diverse insights and perspectives.

    We've partnered with industry-leaders in almost every sector-and continue to thrive after 40+ years of change by operating with integrity.

    Oracle careers open the door to global opportunities where work-life balance flourishes. We offer a highly competitive suite of employee benefits designed on the principles of parity and consistency. We put our people first with flexible medical, life insurance and retirement options. We also encourage employees to give back to their communities through our volunteer programs.

    We're committed to including people with disabilities at all stages of the employment process. If you require accessibility assistance or accommodation for a disability at any point, let us know by calling +~~~, option one.

    Disclaimer:

    Oracle is an Equal Employment Opportunity Employer*. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans' status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law.

    *** Which includes being a United States Affirmative Action Employer**