Download App | FOLLOW US ON SOCIAL MEDIA
 Upload Your Resume   Employers / Post Jobs 

Attorney in Nashua, NH

Oracle Corporation Jan 05,2021 Sep 19,2020 Location Nashua NH
This job is expired...

In-House

Attorney

Min 8 yrs required

Profile

Regulatory Compliance Specialist IV The candidate assists and supports the organization in complying with, as well as the ongoing preparation, testing and monitoring of conformance to, the requirements of government regulations and/or regulatory agencies. Performs evaluation of internal operations, controls, communications, risk assessments and maintenance of documentation as related to regulatory compliance and recommends appropriate changes. Conducts and facilitates internal and external audits to identify, evaluate, disclose and appropriately remedy risks and deficiencies. Coordinates the preparation of and may prepare document packages for regulatory submissions from all areas of company as well as for internal and external audits and inspections. May serve as point of contact for interactions with regulatory agencies for defined matters. Support the creation of a comprehensive risk management and regulatory oversight program, including specifications for product and service design aligned with company's Software Security Assurance and Security Architecture. Review specifications. Develop training for GBU development, cloud services, services and operations teams on industry regulatory specifications applicable to their products and services. Execute risk assessments and evaluate risks to the business and develop risk mitigation strategies. Work with members of GBU development, cloud services, services and operations teams to incorporate applicable industry regulatory standards, Oracle security policies and customer-contractual obligations into GBU processes and standards. Coordinate industry and regulatory certifications, including managing certification vendors (e.g., PCI, HIPAA,HITECH, ISO, SOC2). Build security documentation and collateral for customers and internal users allowing security to be a differentiator in this GBUs. Build management level metrics and reporting for activities that are owned by the Risk Manager. Execute a vendor security program.

Qualification and Experience

The candidate should preferably have B.A./B.S. or advanced degree. CISA, CISM, CISSP, or CIPP certifications are desired. Business, Accounting, JD, Information Systems, Engineering or equivalent degree is also preferred. Must have 8+ years of experience with 5-7 years in governance and compliance for a large corporation. Should preferably have 5-7 years of relevant experience working on SOC, HIPAA (or other Healthcare), PCI (or other Finance). Prior Cloud Service Provider experience a plus. Experience with either a Big 4 accounting firm, a mid-level accounting firm, and/or a large IT corporation's internal audit department is an asset. Experience with 21 CFR Part 11 and HIPAA is needed. Strong knowledge of IT auditing and controls, preferable with SOX, SSAE 16 - SOC 1 & SOC 2, PCI compliance, NIST, DIACAP, FedRAMP, ISO 27001 & ISO 27002 is required. Should have knowledge and understanding of the delivery process for validated systems, specifically Computer System Validation process or CSV. Should also have an understanding of security standards and risk management. Experience working in Information Technology, Cloud or managed hosting services is a must. Technical knowledge of Oracle Applications and Database and/or infrastructure components is ideal.

Additional info

Req. #: 20000RCQ

Company info