Position: Oracle Business Security Analyst 

Role Overview:

We are looking for a committed Oracle Business Security Analyst to join our team, reporting to the Controls and Compliance Supervisor. This position involves a combination of planning, evaluating, designing, and implementing business security and data security access management, specifically tailored to meet least privilege role-based access control requirements for Oracle Fusion Cloud Enterprise Resource Planning (ERP), Oracle Cloud Enterprise Performance Management (EPM), Oracle Data Relationship Management (DRM), Maximo and PowerPlan applications. The individual in this role will serve as the subject matter expert on role functionality configurations and access management for all users supporting business processes. The ideal candidate will work closely with the Oracle Security, Controls and Compliance, Governance teams, Business departments, and end-users to ensure proper role configuration and access are provided and appropriate. Key focus areas include, but are not limited to, role/functionality design, configuration, segregation of duties, security/data security access management, and controls over business processes.

Key Responsibilities:

Perform IT and business security assessments, design, and implementation services for Oracle Cloud ERP, Oracle Cloud EPM, DRM, Maximo and PowerPlan with an emphasis on role security and data access configurations, segregation of duties, to support business processes. Oversee user access provisioning and identity synchronization in accordance with organization-defined data security policies and the user role matrix. Evaluate the design and effectiveness of Oracle, DRM, Maximo and PowerPlan security access roles and functionalities, and conduct Separation of Duties assessments across key business process cycles and integrated applications. Examine and audit end-user accounts, permissions, and access rights to ensure alignment with segregation of duties and security profiles, in compliance with SOX requirements. Collaborate with the Oracle Security, Controls and Compliance, Business Operations and Governance teams to support role functionality development, address business process and access requirements, and manage user access issues through triage, troubleshooting, and resolution. Work closely with various business departments and users to identify and improve security access, emphasizing least privilege and segregation of duties. Maintain the Cool Compliance access management platform used to automated roles access request, approvals, provisioning, and de-provisioning to support access for Oracle Cloud ERP, EPM, DRM, Maximo and PowerPlan. Maintenance includes developing and maintaining role rules, internal and external not rules and approval workflows in promoting tool automation. Collaborate with internal and external auditors, as well as internal controls and compliance teams, to ensure adherence to SOX compliance, security access standards, and data security regulations, while providing necessary support and documentation. Maintain tools supporting the overall access management process ensuring users have the access needed to perform their jobs efficiently. This includes configuring workflows, streamline operations and automating self-service capabilities where suitable. Create and implement security access processes and procedures for Oracle Cloud ERP, EPM, DRM, Maximo, PowerPlan and associated compliance frameworks.

Requirements:

Bachelor’s degree in computer science, Information Technology, Accounting, Finance, or Business, or related degree required At least two years of recent experience in implementing financial applications with a focus on Oracle Cloud ERP, EPM, DRM or similar applications such as SAP security and administration, including expertise in designing and implementing security role access for Accounting, Finance, and Treasury processes OR three years business access experience in a similar role or system required. This includes user provisioning, role-based access control, and ensuring least privilege access to support said business processes. (Maximo and PowerPlan experience is a plus) Possess strong technical problem-solving skills with the ability to work independently as well as collaboratively in a collaborative environment Excellent organizational skills, along with strong written and verbal communication and presentation abilities Must be highly self-motivated Solid understanding of Segregation of Duties (SOD), the ability to identify and assess access risks, personally identifiable information (PII), and internal controls. Strong time management skills and the ability to work under pressure to meet deadlines, manage multiple tasks, and set priorities

Preferred:

In place of extensive knowledge and experience in an Oracle Cloud ERP, EPM, DRM, Maximo and PowerPlan security roles, experience in a senior-level position within a business process where you have collaborated on role-based least privilege access processes is acceptable. This includes providing insight and direction on identifying role design for user job responsibilities, considering SOD, approving user provisioning, and managing security/data access to support role-based access control and least privilege access. Experience and familiarity with standard Accounting, Finance, and Treasury business processes, along with knowledge of job responsibilities required across various Oracle Cloud, Maximo and PowerPlan operational areas Oracle Risk Management Cloud Certified Implementation Specialist Certification a plus Certifications, such as CISA (Certified Information Systems Auditor), CPA (Certified Public Accountant), CIA (Certified Internal Auditor), or CISSP (Certified Information Systems Security Professional)  Project or team lead experience a plus Experience and knowledge with Oracle Cloud, Maximo, SQL querying, PowerPlan application configurations, technical objects, and procedures documentation skills