The Deputy Security Controller will coordinate Oracle’s Cyber Essentials certifications across multiple LoBs.

The position requires liaison with multiple UK Government departments, such as (but not limited to) the Cabinet Office, the National Cyber Security Centre, and the Ministry of Defence.

There is also a requirement for this position to manage the centralised gathering and submission of various metrics and information that is required by our numerous certifications, as well as deputising for the UK Security Controller when required.

The successful candidate will also be able to liaise with personnel both internal and external to Oracle and from that interaction define and produce mature security related documentation (for example, procedural and/or policy documentation) as required for approval by the Security Controller.

We expect the individual to perform the following functions:

To manage and maintain a central point for Cyber Essentials and Cyber Essentials Plus certification. This will include but not be limited to: Providing liaison point between the Security Controller Team and defining and agreeing scope with Lines of Business (LOBs). Agreeing compliance attributes and completing and submitting relevant paperwork to the Authority. Defining, agreeing, and coordinating ITHC activities on an annual basis for all Cyber Essentials Plus certifications. Coordinating and tracking through to resolution of all remedial actions from certification and recertification ITHCs. The individual must be prepared to undergo the UK Government security clearance process and to maintain this clearance for the duration of their time in post. Manage and maintain any relevant compliance metrics and ensure timely submission. Act as the Oracle Security Controller team liaison and p.o.c. for various UK Government departments and Agencies as required. Perform the duties of the UK Security Controller during times of absence. Act as technical and compliance liaison point between the OCI LoB and the UK Security Controller team. Act as technical and compliance liaison point between the SaaS LoB and the UK Security Controller team. Conduct peer reviews on new policy, processes, or documentation as and when required. Conduct information gathering and collation of information to assist with policy, process, or documentation development. Produce draft policy, procedural and other documentation as required for Security Controller approval. Produce training and briefing material as required for Security Controller approval. Review documentation and coordinate the production of updated content from relevant Subject Matter Experts and produce updated draft for Security Controller approval. Conduct the assessment of security risks and the maintain the Oracle (UK) Security Risk Register. Act as deputy chair for the Vetting Board and Security Working Group meetings.

 

Career Level - IC4