• Support the implementation and maintenance of global GRC policies and standards based on NIST CSF and ISO 27001. • Conduct risk assessments for IT systems and third-party vendors (Supply Chain Risk), identifying gaps and recommending corrective actions. • Monitor adherence to global data privacy regulations (e.g., GDPR) and internal governance requirements. • Assist in coordinating external audits (ISO certification, ITGC, financial audits) and track remediation of audit findings. • Collaborate with IT Security, Industrial/OT Security, and business units to collect data for risk analysis. • Support the development and rollout of cybersecurity awareness programs for corporate and manufacturing staff. • Prepare compliance and risk status reports for management and global stakeholders.

• Supporting and enhancing the vulnerability management lifecycle for non-production systems aligned with FedRAMP IL5 compliance requirements • Conducting vulnerability scans, analysis, and reporting activities in test and staging environments • Providing detailed assessments and recommendations to internal teams for remediation activities • Maintaining knowledge of vulnerabilities, exploits, and mitigation strategies relevant to Defense and Federal compliance frameworks • Evaluating potential impacts of identified vulnerabilities and document appropriate compensating controls or mitigations • Triaging scan results to identify true positives, reduce false positives, and support compliance validation processes • Developing metrics and reports supporting internal security visibility and compliance documentation

Entity: Oracle America, Inc. Job Duties: Develop and execute programs and processes to reduce information security risk and strengthen Oracle’s security posture. Support the strengthening of Oracle’s security posture, focusing on one or more of the following: risk management; regulatory compliance; threat and vulnerability management; incident management and response; security policy development and enforcement; privacy; information security education, training and awareness (ISETA); digital forensics and similar focus areas. Bring advanced level skills to assess the information security risk associated with existing and proposed business operational programs, systems, applications, practices and procedures in very complex, business-critical environments. May conduct and document very complex information security risk assessments. May assist in the creation and implementation of security solutions and programs. May telecommute. Employer will accept a Master’s degree in Computer Science, Engineering, or related technical field and 5 years of experience in the job offered or in a Security Analyst-related occupation.Position requires: - Qualys; - Nessus; - Dynamic application security testing (DAST), static application security testing (SAST), or static code analysis to discover vulnerabilities on internal and external web applications; - Threat hunting or incident response - CrowdStrike, Tanium, Carbon Black, or CylancePROTECT; - Microsoft Windows Server; - Linux; - IPv4 networks; - Encryption in transit, encryption at rest, hashing, digital signatures, or PKI certificate management; - Malware analysis; - Python scripting or Bash scripting; - Rest API; - Agile methodologies including Jira and Confluence. Only Oracle brings together the data, infrastructure, applications, and expertise to power everything from industry innovations to life-saving care. And with AI embedded across our products and services, we help customers turn that promise into a better future for all. Discover your potential at a company leading the way in AI and cloud solutions that impact billions of lives. True innovation starts when everyone is empowered to contribute. That’s why we’re committed to growing a workforce that promotes opportunities for all with competitive benefits that support our people with flexible medical, life insurance, and retirement options. We also encourage employees to give back to their communities through our volunteer programs. We’re committed to including people with disabilities at all stages of the employment process. If you require accessibility assistance or accommodation for a disability at any point, let us know by emailing accommodation-request_mb@oracle.com or by calling 1-888-404-2494 in the United States. Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans’ status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law.

• Supporting core SOC operations across endpoint, identity, data protection, and vulnerability management • Monitoring and triaging security alerts with our MSSP • Contributing to fast and effective Incident Response • Enhancing threat detection and overall security visibility • Helping maintain and improve key security platforms such as DLP, EDR, and identity security tools • Following security processes and playbooks to ensure consistent operational quality • Collaborating with global IT teams to strengthen security and reduce risks • Contributing to threat intelligence and detection improvements • Supporting daily SOC tasks including email security, identity monitoring, and DLP reviews • Participating in continuous improvement initiatives to advance SOC maturity