Oracle Risk and Compliance Lead /Oracle Security Consultant/ Oracle Cloud Governance Consultant
Chicago, IL, US • Posted 29 days ago • Updated 1 hour agoFull Time
On-site
VDart, Inc.
Fitment
Dice Job Match Score™
🔗 Matching skills to job...
Job Details
Skills
- GRC
- NIST
- risk and compliance
- oracle cloud
Summary
Job Title: Cybersecurity & GRC Consultant/Oracle Security Consultant/Security Architect
Duration: Long Term
Location: Chicago, IL
Duration: Long Term
Location: Chicago, IL
The Senior GRC (Governance, Risk, and Compliance) Lead has a well-rounded profile with the right combination of significant and progressive professional expertise in Enterprise Governance, Risk, and Compliance Management and will support implementation of Oracle Cloud GRC modules including Enterprise Governance, Risk and Compliance Manager (EGRCM) and Advanced Controls to support Organization Enterprise Governance, Risk, and Compliance management efforts.
Key Responsibilities:
Validate requirements and support implementation of Oracle Enterprise Governance, Risk, and Compliance management modules in support of Enterprise Governance, Risk, and Compliance policies and procedures.
Own the GRC related requirements and provide support in reviewing and approving GRC related requirements, business processes, user stories, functional and technical specification documentation.
Support creation, review, and approval of test cases and test results in support of GRC module requirements.
Support the Third-Party Risk Management lifecycle from pre-onboarding to offboarding of vendor relationships.
Conduct risk assessments for new and existing systems and vendors to identify privacy and security-related risks.
Collect, review, and track vendor due diligence and compliance documentation (e.g., SIG questionnaires, SOC 2 reports, security policies)
Assist in analyzing internal as well as vendor cybersecurity controls related to hardware, software, and services.
Coordinate with internal stakeholders and third parties to document and remediate risks.
Support contractual reviews in collaboration with Procurement and Contracts Administration teams.
Contribute to client compliance activities, including assessments and client webshare coordination.
Help define, report, and track GRC-related metrics and risk indicators.
Participate in process improvements and automation of GRC activities.
Stay current with industry trends, frameworks (NIST CSF, ISO), and regulatory requirements (GDPR, CCPA).
Practical expertise in security frameworks such as: SANS Critical Security Controls, CIS Controls, ISO 27001, NIST SP 800-53, PCI DSS, SOC2.
Expertise in SaaS and PaaS implementations including Oracle cloud ERP, HCM, SCM and EPM applications.
Solid understanding of IT control frameworks like COBIT and IT General Controls.
In-depth knowledge of risk and controls concepts in information security.
Hands-on experience across control domains such as IAM, Data Security, Network Security, SDLC, Logging & Monitoring, etc.
Technical proficiency in security controls like encryption, logical access, secure coding, vulnerability management, and security architecture.
Strong experience conducting vendor risk assessments and translating technical risk into business impact.
Familiarity with risk treatment and exception processes.
Understanding of security architecture (authentication, authorization, encryption of data in transit/at rest).
Ability to communicate clearly with technical teams, stakeholders, and auditors.
High attention to detail and excellent documentation habits.
Strong analytical skills to resolve system and security issues.
Strong understanding in access control, identity management, and compliance standards
Excellent verbal and written communication skills.
Work with IAM, Security engineering and Network operations teams to understand and design target state OCI PaaS and IaaS services
Document security requirements for OCI PaaS and IaaS services
Strong Understanding of IAM including SSO, IDMS and IGA practices for enterprise
Provide guidance and training to team members on Oracle Cloud security practices.
Liaise with vendors and partners to ensure optimal security practices and stay updated on Oracle Cloud updates and best practices.
Validate requirements and support implementation of Oracle Enterprise Governance, Risk, and Compliance management modules in support of Enterprise Governance, Risk, and Compliance policies and procedures.
Own the GRC related requirements and provide support in reviewing and approving GRC related requirements, business processes, user stories, functional and technical specification documentation.
Support creation, review, and approval of test cases and test results in support of GRC module requirements.
Support the Third-Party Risk Management lifecycle from pre-onboarding to offboarding of vendor relationships.
Conduct risk assessments for new and existing systems and vendors to identify privacy and security-related risks.
Collect, review, and track vendor due diligence and compliance documentation (e.g., SIG questionnaires, SOC 2 reports, security policies)
Assist in analyzing internal as well as vendor cybersecurity controls related to hardware, software, and services.
Coordinate with internal stakeholders and third parties to document and remediate risks.
Support contractual reviews in collaboration with Procurement and Contracts Administration teams.
Contribute to client compliance activities, including assessments and client webshare coordination.
Help define, report, and track GRC-related metrics and risk indicators.
Participate in process improvements and automation of GRC activities.
Stay current with industry trends, frameworks (NIST CSF, ISO), and regulatory requirements (GDPR, CCPA).
Practical expertise in security frameworks such as: SANS Critical Security Controls, CIS Controls, ISO 27001, NIST SP 800-53, PCI DSS, SOC2.
Expertise in SaaS and PaaS implementations including Oracle cloud ERP, HCM, SCM and EPM applications.
Solid understanding of IT control frameworks like COBIT and IT General Controls.
In-depth knowledge of risk and controls concepts in information security.
Hands-on experience across control domains such as IAM, Data Security, Network Security, SDLC, Logging & Monitoring, etc.
Technical proficiency in security controls like encryption, logical access, secure coding, vulnerability management, and security architecture.
Strong experience conducting vendor risk assessments and translating technical risk into business impact.
Familiarity with risk treatment and exception processes.
Understanding of security architecture (authentication, authorization, encryption of data in transit/at rest).
Ability to communicate clearly with technical teams, stakeholders, and auditors.
High attention to detail and excellent documentation habits.
Strong analytical skills to resolve system and security issues.
Strong understanding in access control, identity management, and compliance standards
Excellent verbal and written communication skills.
Work with IAM, Security engineering and Network operations teams to understand and design target state OCI PaaS and IaaS services
Document security requirements for OCI PaaS and IaaS services
Strong Understanding of IAM including SSO, IDMS and IGA practices for enterprise
Provide guidance and training to team members on Oracle Cloud security practices.
Liaise with vendors and partners to ensure optimal security practices and stay updated on Oracle Cloud updates and best practices.
Type of Education Required:
Bachelor's Degree in Technology, Risk Management, or related field.
Bachelor's Degree in Technology, Risk Management, or related field.
Preferred certifications:
CISSP, CISA, CISM, CEH, ISO 27001 Lead Auditor or Lead Implementer.
Type of Experience and Number of Years:
Working Experience on Oracle GRC Modules, and Risk Management are mandatory
Working Experience on various Security frameworks like NIST are mandatory
At least one full life cycle implementation of Enterprise Governance, Risk and Compliance Manager (EGRCM) and Advanced Controls preferably
Working Experience on Oracle GRC Modules, and Risk Management are mandatory
Working Experience on various Security frameworks like NIST are mandatory
At least one full life cycle implementation of Enterprise Governance, Risk and Compliance Manager (EGRCM) and Advanced Controls preferably
in a public sector environment.
Minimum 5 years of Enterprise GRC experience implementing and supporting industry standard tools and frameworks including third-party vendor risk assessment.
Proficiency in cloud security principles and tools, including IAM, encryption, firewall management, and vulnerability assessment.
Proficiency with Google tools such as Google Docs, Sheets, and Presentations.
A proactive mindset with a focus on continuous improvement and results.
Integrity, accountability, and a strong sense of ownership over responsibilities.
Experience in the Public Sector including Education (K-12) project or program work, preferred.
Minimum 5 years of Enterprise GRC experience implementing and supporting industry standard tools and frameworks including third-party vendor risk assessment.
Proficiency in cloud security principles and tools, including IAM, encryption, firewall management, and vulnerability assessment.
Proficiency with Google tools such as Google Docs, Sheets, and Presentations.
A proactive mindset with a focus on continuous improvement and results.
Integrity, accountability, and a strong sense of ownership over responsibilities.
Experience in the Public Sector including Education (K-12) project or program work, preferred.
Keywords: Oracle Cloud, Oracle GRC, NIST, Data Security, Network Security
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
- Dice Id: 10330808
- Position Id: 2026-93774
- Posted 29 days ago
Company Info
VDart, headquartered in Atlanta, GA, is a global leader in digital talent solutions and IT staffing, delivering top technology professionals to businesses worldwide. With a strong presence across North America, Europe and Asia, we specialize in helping organizations navigate complex technology landscapes with the right expertise.
Through a strategic, client-focused approach, we have placed over 20,000 professionals across key industries and advanced technology solutions. Whether placing top talent in cutting-edge roles or providing strategic digital workforce solutions, our network of 4,000 specialists across 13 countries is committed to excellence, agility and impact.
Backed by 18 years of industry experience, we go beyond staffing to build long-term partnerships that accelerate digital transformation and drive sustained growth. Whether you need a technology partner to fuel innovation or specialized workforce solutions to maintain a competitive edge, VDart delivers the right people, skills and mindset to create a lasting impact in a digital-first world.
Create job alert
Never miss an opportunity! Create an alert based on the job you applied for.Similar Jobs
It looks like there aren't any Similar Jobs for this job yet.
Search all similar jobs