Oracle Cloud ERP Security consultant

Oracle Cloud Security Consultant

Overview:

We are seeking an experienced Oracle Cloud Security consultant to support the review, design, and implementation of security controls within the Oracle Cloud ERP (Fusion) environment. The contractor will focus on SOX compliance, segregation of duties (SoD), and access control governance to ensure the system meets both internal control standards and regulatory requirements.

This role will partner closely with Finance, Internal Audit, Compliance, and IT teams to deliver a secure and compliant Oracle Cloud environment.

Key Responsibilities:

• Security Design & Configuration
• Review and enhance Oracle Cloud ERP role-based access controls (RBAC).
• Develop and implement segregation of duties (SoD) frameworks and rulesets.
• Configure user roles, data access sets, and privileges to align with security principles.
• Support remediation of access conflicts and toxic combinations.
• Compliance & Audit Support
• Ensure alignment with SOX controls and company compliance standards.
• Collaborate with Internal Audit and Compliance teams to provide evidence and documentation.
• Assist in quarterly and annual access certification processes.
• Support external audit activities and respond to security audit queries.
• Governance & Process Improvement
• Develop and document Oracle Cloud security policies, procedures, and standards.
• Implement automated controls where possible to reduce manual effort.
• Recommend process improvements for user provisioning, deprovisioning, and access reviews.
• Educate business and IT teams on SoD and compliance requirements.
• Change & Project Support
• Participate in project initiatives impacting security (e.g., module rollouts, role redesigns).
• Support security testing and validation as part of change management.
• Provide subject matter expertise on Oracle Cloud ERP security best practices.

Required Skills & Experience:

• Technical Expertise
• Strong hands-on experience with Oracle Cloud ERP Security (Fusion Financials, Procurement, HCM preferred).
• Deep understanding of role-based access control (RBAC) and data security policies.
• Experience defining and managing segregation of duties (SoD) rulesets within Oracle Cloud.
• Proficiency in security tools such as Oracle Risk Management Cloud (RMC) or third-party SoD solutions.
• Compliance Knowledge
• Demonstrated experience with SOX (Sarbanes-Oxley) compliance, ITGCs, and access control frameworks.
• Understanding of COSO, COBIT, or similar internal control frameworks.
• Professional Skills
• Strong analytical and problem-solving skills with a detail-oriented approach.
• Excellent stakeholder communication - able to bridge IT, audit, and business perspectives.
• Proven ability to work independently and deliver under tight timelines.

Preferred Qualifications:

• Oracle Cloud certifications (e.g., Oracle Cloud Security, Oracle Risk Management Cloud)
• Prior experience in a Big 4, consultancy, or regulated enterprise environment.
• Familiarity with SOX audit processes, GRC tools, and identity governance solutions.

Degree in Information Systems, Computer Science, Accounting, or related field