Oracle HCM Security Lead (Strategy)

Job description:

We are looking to transform its HR enterprise systems to support secure, scalable, and data-driven operations.

As part of this journey, we are seeking a Senior Security Lead to architect and deliver a modern Role-Based Access Control ( RBAC ) model across our global footprint beginning with Oracle HCM and expanding across our enterprise application and big data analytics ecosystem, including platforms like Databricks, OAC, and OTBI.

The right candidate will bring a blend of enterprise application security, operational data strategy, and analytics governance expertise that can scale beyond the Oracle platform. You will define how access works not just at the application level but across data pipelines, AI/ML platforms, and federated identity systems.

• Lead the transition to RBAC across Oracle HCM (Core HR, Payroll, Absence, Time, Talent) and downstream systems with complex integrations. Architect an end-to-end access governance framework, covering application, integration, and data warehouse layers including Databricks, OAC/OTBI, and 3rd-party data hubs.
• Define and standardize personas, access tiers, and Areas of Responsibility (AOR) with business process owners. Partner with data platform and analytics teams to align access policies across structured/unstructured data sources used for reporting, workforce intelligence, and ML.
• Integrate security policies with Okta and identity management tools, ensuring consistent enforcement across apps and data endpoints.
• Enable secure self-service analytics by implementing column- and row-level security within platforms like OTBI and Databricks, ensuring compliance with SOX, GDPR, and HIPAA. Manage security lifecycle for Oracle HCM and connected platforms: provisioning, auditing, change control, and SoD enforcement.
• Serve as the employee & candidate data access security authority, participating in solution design, release planning, and cross-functional governance reviews, consulting with legal, HRBPs, comms, and engineering security where applicable

Basic Qualifications

• 10+ years of experience in enterprise security, application governance, or architecture roles with deep expertise in Oracle Fusion HCM and SaaS integration landscapes.
• Proven experience designing and implementing enterprise RBAC frameworks, with hands-on involvement across apps and data layers.
• Deep understanding of big data platforms (Databricks, Snowflake, etc.) and how access, classification, and lineage apply in modern data environments
• Experience with analytics platform security including OTBI, OAC, and integration with business intelligence tools.
• Familiarity with identity federation and access policy integration via Okta, Azure AD, or similar tools.
• Strong understanding of compliance frameworks (SOX, GDPR, HIPAA) and ability to translate policies into technical access controls.
• Skilled communicator, capable of aligning technical security strategy with business priorities and presenting to senior leadership.
• Preferred Qualifications
• Experience with multi-phase Oracle HCM deployments or Workday-to-Oracle transitions.
• Exposure to data mesh or federated data ownership models.
• Background in data pipeline security and governance, especially in Databricks, Spark, or similar platforms.
• Strong knowledge of RACI, persona-based design, and data domain ownership strategies in global organizations.
• Demonstrated ability to build security into the SDLC, with tools and controls supporting agile SaaS environments.