Oracle Compliance Analyst 4 in Boston, Massachusetts

Compliance Analyst 4

Preferred Qualifications

The Oracle Cloud Compliance as a Service (CaaS) organization ensures the security and compliance of Oracle Cloud from initial design to compliance by way of security policy, processes, and procedure standards definition, assessment/audit and certification, operation and continuous monitoring of cloud based security infrastructure.

Successful candidates for this position must be very comfortable taking a leadership role with regulatory compliance in a fast-paced organization. Candidates will be expected to lead new compliance efforts, as well as maintain existing regulatory compliance obligations. A background in owning, leading, and managing the day-to-day compliance operations, FISMA compliance, continuous monitoring, assessment & authorization for U.S Federal Government and/or Department of Defense systems is required.

A strong working knowledge of FISMA, FedRAMP, NIST, and FIPS standards is required. DoD SRG, DIARMF, and similar skill and experience is a plus for the right candidate.

Primary responsibilities of this role will include:

  • Lead contact with regard to compliance operations within the Oracle U.S. Public Sector Clouds;

  • Manages FedRAMP, DISA/DoD SRG and agency authorizations, documentation packages, audits and conducts analysis and results on a continuous basis;

  • Evaluates regulatory compliance requirements and engages with a variety of cross functional teams;

  • Key team member of engineering design and development of government cloud based systems;

  • Evaluates and provides reasonable assurance that risk management, control, and governance systems are functioning as intended and will enable the organization’s objectives and goals to be met;

  • Reports risk management issues and internal controls deficiencies identified directly to the Cloud Regulatory Compliance Program and provide recommendations for improving the organization’s operations, in terms of both efficient and effective performance;

  • Evaluates information security and associated risk exposures;

  • Evaluates regulatory compliance program with consultation from legal counsel;

  • Evaluates the organization’s readiness in case of business interruption;

  • Maintains open communication with management and teams across Oracle Cloud Operations;

  • Engages with other internal and external strategic resources as appropriate; and

  • Evaluates applicable global standards & compliance frameworks to establish internal standards, guidelines, policies, processes, and procedures;

  • Designs, develops and publishes internal program frameworks, checklists, policy, processes, procedures using creative publishing and editing software tools;

  • Systematically and comprehensively documents the Government compliance program;

  • Other duties as assigned;

Preferred Qualifications:

  • Networking fundamentals

  • Experience utilizing vulnerability management and GRC tools such as Nessus, Archer, Qualys, or similar is highly preferred.

  • Past US Federal or DoD experience preferred

  • CISSP, CISA, CISM, PMP or other DOD Directives 8570.1 Level 2 and Level 3 certifications

  • Prefer 8 years relevant experience and BA/BS degree.


U.S. Citizenship required. Position involves interaction with systems and data in Oracle’s U.S. Government Cloud environments, access to which requires U.S. citizenship under government contracts and applicable regulations, laws and/or executive orders.

Must be able to complete one or more U.S. government background investigations and/or appropriate security clearance(s) as required by government contracts and due to applicable laws, regulations, and executive orders.


Oracle employee benefits programs are designed individually for each region to ensure they best meets the needs of employees and their eligible dependents. See how ORACLE flex and other benefits help employees thrive at Oracle. http://www.oracle.com/us/corporate/careers/index.html

Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans status or any other characteristic protected by law.

Detailed Description and Job Requirements

Executes security controls to prevent hackers from infiltrating company information or jeopardizing e-commerce programs.

Researches attempted efforts to compromise security protocols. Maintains security systems for routers and switches. Administers security policies to control access to systems. Maintains the company’s firewall. Uses applicable encryption methods. Provides information to management regarding the negative impact on the business caused by theft, destruction, alteration or denial of access to information.

Leading contributor individually and as a team member, providing direction and mentoring to others. Work is non-routine and very complex, involving the application of advanced technical/business skills in area of specialization. Prefer 8 years relevant experience and BA/BS degree.

Oracle will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of San Francisco's Fair Chance Ordinance.

Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans status or any other characteristic protected by law.

Job: Information Technology

Location: US-CO,Colorado-Denver

Other Locations: US-CA,California-Redwood City, US-CA,California-San Francisco, US-MA,Mass-Burlington, US-MT,Montana-Bozeman, US-WA,Washington-Seattle

Job Type: Regular Employee Hire

Organization: Oracle