Oracle EBS Application Security Consultant
Accenture – Boston, MA
Join Accenture and help transform leading organizations and communities around the world. The sheer scale of our capabilities and client engagements and the way we collaborate, operate and deliver value provides an unparalleled opportunity to grow and advance. Choose Accenture and make delivering innovative work part of your extraordinary career. People in our Client & Market career track drive profitable growth by developing market-relevant insights to increase market share or create new markets. They progress through required promotion into market-facing roles that have a direct impact on sales. Security professionals apply deep security skills to design, build and protect enterprise systems, applications, data, assets and people for Accenture and our clients.
Application Security professionals develop and deliver solutions - including design and implementation of Oracle application Security Roles, Segregation of Duties Analysis Rules, Security Role Provisioning solutions, Security Workflow, Security Analytics, Enterprise GRC Solutions, Automated External Application Scanning and Automated Source Code Analysis - that minimize the impact of internal and external manipulation of applications to access, steal, modify, or delete sensitive data.
Key Responsibilities may include:
Contribute to a strong client relationship through interactions with client personnelUnderstand engagement as it relates to client's businessConfigure security in Oracle applications to meet unique client security requirementsDemonstrate knowledge in some areas of industry or functional specialtyCommunicate client expectations to the engagement teamConduct security and continuity assessmentAssume responsibility for small components of engagements. May have greater role on small engagementsContribute to engagement planning and ensuring that deliverables meet contract and workplan objectives.Deliver services that meet Accenture Project Manager specificationsRecognize and communicate opportunities to sell "add-on" work to clientStrong understanding of information security management principles, Oracle applications application security implementation methodologies, role based access controls, distributed systems administration, and oracle technical layer, cloud hosted infrastructure.Demonstrate experience 1) independently completing complex security related tasks; 2) making major contributions in assuring deliverables meet contract and workplan objectives and; 3) taking on tasks of increased complexityAbility to take a broad view of the position and take initiative to communicate, interact, and cooperate with others to ensure that all aspects of a task are addressedAbility to independently create written deliverables and to participate in presentations
Review existing IT General Controls, Segregation of Duties (SOD) and Sensitive Access (SA)Matrix and identify the gaps
Identify IT General controls, SODs and SAs that can be added to the existing SOD Matrix based on business processes and System architecture
Conduct control review sessions with business teams and client Audit Teams
Map SOD & SA Rules with Oracle Security Roles and identify mitigation Controls
3+ years of experience with business process controls and general IT controls
Strong understanding of segregation of duty frameworks and associated mitigating controls
BA/BS Degree in Computer Science, Information Security, Engineering, Information Technology, Finance, Business
3+ years of Oracle EBS Application Security experience, Oracle GRC, Oracle or 3rd party cloud implementation experience (e.g., design, recommend and implement security technical controls)
2+ years of technical writing and report generation
Enterprise IT security risk assessments and related frameworks (e.g., ISO 27000 series, NIST 800 Series, COBIT, IT General Controls, etc.)
1+ year of Conceptual knowledge of the following regulations: PCI, Sarbanes-Oxley, HIPAA, GLBA
Excellent written and verbal communication skills
Strong project management and organizational skills
75 to 100% travel
Previous Consulting or Big 4 Controls Audit experience preferred
Certifications such as: CISSP, CISM, or CISA certification preferred
Governance, Risk and Compliance (GRC) or Application Security implementation experience
Understanding of Oracle EBS or Oracle ERP configurations as it relates to the design and development of automated controls
Full cycle implementation experience with Oracle ERP or Oracle EBS
Experience with Oracle Risk Management applications or Oracle Controls Suite applications
Professional Skill Requirements:
Proven success in contributing to a team-oriented environment
Proven ability to work creatively and analytically in a problem-solving environment
Desire to work in an information systems environment
Excellent leadership, communication (written and oral) and interpersonal skills
Candidates who are currently on assignment as part of the Global Careers program are not eligible for consideration.
Applicants for employment in the US must have work authorization that does not now or in the future require sponsorship of a visa for employment authorization in the United States and with Accenture (i.e., H1-B visa, F-1 visa (OPT), TN visa or any other non-immigrant status).
Candidates who are currently employed by a client of Accenture or an affiliated Accenture business may not be eligible for consideration.
Accenture is a federal contractor and an EEO and Affirmative Action Employer of Females/Minorities/Veterans/Individuals with Disabilities.
Equal Employment Opportunity
All employment decisions shall be made without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by federal, state, or local law.
Accenture is committed to providing veteran employment opportunities to our service men and women.