If you require accessibility assistance or accommodation for a disability when applying for open positions please contact us at +1.888.404.2494, Option 1. Oracle's Affirmative Action Plan is available for review by contacting +1.888.404.2494, Option 1. Job Description - Regulatory Compliance Specialist ? International Compliance and Assurance (190015L7) Regulatory Compliance Specialist ? International Compliance and Assurance - 190015L7 Preferred Qualifications Job title: Regulatory Compliance Specialist? International Compliance and Assurance Location: Germany ---------------------------------------------------------------------------------------------------------------- Comejoin the fastest growing cloud organization with world-class engineering andwith laser focus on excellence. Oracle? s extensive enterprise customer base islooking for rock-solid cloud solutions that provide the same reliability andeffectiveness they have come to expect from Oracle on premise. Oracle CloudInfrastructure (OCI) provides cost-effective and high-performance IaaS and PaaScloud solutions to customers who expect industry-leading security andcompliance programs that create a stable and highly-effective foundation forworkloads and an infrastructure that meets their security and compliance needs. Oracle Cloud Infrastructure (OCI) is lookingfor a Regulatory Compliance Specialist for International Compliance andAssurance within its Regulated Markets organization. In this role, you help the development,maintenance and improvement of international compliance programs including, butnot limited to: ISO 27000 series, ISO 9001, TISAX, Esquema Nacional deSeguridad (ENS), Cyber Essentials Plus, IT-Grundschutz. Youwill collaborate with a variety of cross-functional teams to help theInternational Compliance and Assurance Program effect positive organizationalchange and maintain trust with our customers in highly regulated marketsglobally. You will also be directly involved in preparing for and facilitatingvarious audits and assessments within particular geographies. Primary responsibilities of this role include: Support the development, maintenance andimprovement of international compliance programs including, but not limited to:ISO 27000 series, ISO 9001, TISAX, Esquema Nacional de Seguridad (ENS), CyberEssentials Plus, IT-Grundschutz. Evaluate industry andregulatory compliance requirements; provide guidance on control design andimplementation to a variety of cross-functional teams. Identify and report oncompliance gaps, risks and deficiencies; provide recommendations for remediationor continual improvement. Evaluate the design andeffectiveness of IT controls against industry and regulatory requirements. Evaluate whether IT riskmanagement and governance processes are functioning as intended to support theorganization? s ISMS goals and objectives. Prepare for and executeinternal and external audit/assessment activities. Drive project scheduling,tracking and communications to the Director level independently. Be self-motivated and empoweredto update and enhance current audit processes, tooling and documentation. Learn new industry andregulatory compliance frameworks quickly. Preferred skills/qualifications: 5+years of audit and assurance experience preferably with a Big Four accountingfirm. Bachelor's degree inaccounting, information systems, information security or another field. Background in industry andregulatory compliance matters (e.g., TISAX, Esquema Nacional de Seguridad,Cyber Essentials Plus, IT-Grundschutz). Working knowledge of ISOstandards (e.g., 27001, 27002, 27017, 27018 and 9001). Working knowledge of SSAE 18,ISAE 3000 and ISAE 3402. Working knowledge of SOC 2 reporting. Working knowledge of auditprocedures for attestation engagements versus certifications. Working knowledge of ITprocesses, platform as a service (PaaS) and infrastructure as a service (IaaS). Ability to explain industry andregulatory compliance matters to audiences who have no background in complianceor audit. Ability prioritize, manage anddeliver on multiple tasks and ability to partner with management in support ofkey initiatives and projects. Strong bias for action;flexible, resourceful and able to operate effectively within a dynamic,fast-paced environment. Strong motivation to accomplishgoals and objectives to ensure organizational and customer success. Attention to detail; analyticaland problem-solving skills. Detailed Description and Job Requirements Assists and supports the organization in complying with, as well as the ongoing preparation, testing and monitoring of conformance to, the requirements of government regulations and/or regulatory agencies. Performs evaluation of internal operations, controls, communications, risk assessments and maintenance of documentation as related to regulatory compliance and recommends appropriate changes. Conducts and facilitates internal and external audits to identify, evaluate, disclose and appropriately remedy risks and deficiencies. Coordinates the preparation of and may prepare document packages for regulatory submissions from all areas of company as well as for internal and external audits and inspections. May serve as point of contact for interactions with regulatory agencies for defined matters. Support the creation of a comprehensive risk management and regulatory oversight program, including specifications for product and service design aligned with Oracle Software Security Assurance and Security Architecture. Review specifications. Develop training for GBU development, cloud services, services and operations teams on industry regulatory specifications applicable to their products and services. Execute risk assessments and evaluate risks to the business and develop risk mitigation strategies. Work with members of GBU development, cloud services, services and operations teams to incorporate applicable industry regulatory standards, Oracle security policies and customer-contractual obligations into GBU processes and standards. Coordinate industry and regulatory certifications, including managing certification vendors (e.g., PCI, HIPAA,HITECH, ISO, SOC2). Build security documentation and collateral for customers and internal users allowing security to be a differentiator in this GBUs. Build management level metrics and reporting for activities that are owned by the Risk Manager. Execute a vendor security program. Leading contributor individually and as a team member, providing direction and mentoring to others. Work is non-routine and very complex, involving the application of advanced technical/business skills in area of specialization. Ability to travel. 8 plus years experience. BA/BS or advanced degree preferred. 5-7 years work in governance and compliance for a large corporation. CISA, CISM, CISSP, CIPP desired. Strong knowledge of IT auditing and controls, preferable with SOX, SSAE 16 - SOC 1 & SOC 2, PCI compliance, NIST, DIACAP, FedRAMP, ISO 27001 & ISO 27002. Experience with 21 CFR Part 11 and HIPAA. Knowledge and understanding of the delivery process for validated systems; specifically Computer System Validation process or CSV. Have an understanding of security standards and risk management. Experience working in Information Technology, Cloud or managed hosting services. Excellent written and verbal communication skills. Ability to adjust and adapt to changing priorities in a dynamic environment. Technical acumen and the ability to understand and interpret technical specifications. Technical knowledge of Oracle Applications and Database and/or infrastructure components. Project Management skills.As part of Oracle's employment process candidates will be required to successfully complete a pre-employment screening process. This will involve identity and employment verification, professional references, education verification and professional qualifications and memberships (if applicable). Job : Business Operations Location : DE-Germany Job Type : Regular Employee Hire Organization : Oracle All over the world, people's lives are better because of Oracle. Want to make a difference? Join our company of change-makers. From Oracle to culinary school and back again. Bonnie Carlson Kaypaghian uses the skills she learned to create recipes for her daughter? s Type 1 Diabetes and has written a cookbook to share with the world. #LifeatOracle If you require accessibility assistance or accommodation for a disability when applying for open positions please contact us at +1.888.404.2494, Option 1 Oracle's Affirmative Action Plan is available for review by contacting +1.888.404.2494, Option 1.