Oracle Grc Functional Lead resume example with 16+ years of experience
Jessica
Claire
resumesample@example.com
(555) 432-1000,
Montgomery Street, San Francisco, CA94105
:
Career Focus
Shina has 7+ years experience in Information Technology systems, which includes implementing application security and Oracle Advanced Controls. He has successfully done over 13 implementations of GRC Controls modules. Extensively experienced in SOD conflicts administration, strategies, and remediation. Also leveraged Oracle AACG global conditions to eliminate false positives. Proficient in the development of RBAC (Role Based Access Control) policies, principles and standards. Communicates effectively with other business team members concerning the security or control of the business processes. Possesses excellent understanding of various business activities and processes. Reliable, responsible and dependable individual, possessing strong analytical and interpersonal communication skills to provide quality service and proven results.
Used Role Based Access Controls (RBAC) to minimize SOD violations both inter and intra role.
Identified and evaluated complex business and technology risks, internal controls which mitigated the risks, and related opportunities for internal control improvement.
Worked with members of the application development teams to design and integrate applications with Role-Based Access Control (RBAC)
Designed and deployed Oracle EBS suite security
Designed and developed segregation of Duties (SOD) for various clients in various industries
Responsible for the configuration of the following Oracle GRC modules: AACG, TCG, PCG and CCG
Supported cross-functional teams in designing SOD rules at the entitlement, model and control levels according to client specific goals objectives.
Implemented Oracle Configuration Controls Governor (CCG) in Oracle EBS R12 version instance to enable client to track configuration changes and compare Oracle application configuration.
Worked with the GRC project team and Oracle EBS security team to develop requirements and the to-be design of the GRC implementations and to meet auditory requirements.
Captured detail requirement based on thorough understanding of clients business processes, internal control and risk management objectives and IT security goals and standards.
Performed end user training and assisted with post production support activities.
Contributed to internal Oracle GRC knowledge base including the development of training material, methodology, deliverables and tools.
Reviewed and remediated client's SOD violations and recommended mitigating controls for all accepted violations.
Implemented GRC controls within the regulations and frameworks of Sarbanes-Oxley act.
Designed test script for User Acceptance Testing (UAT) and facilitated the UAT activities.
ORACLE INDEPENDENT CONSULTANTS ( OIC ) - ORACLE GRC CONSULTANT City, STATE, 2014 - Current
Implemented/Configured Oracle Enterprise Governance, Risk and Compliance (EGRC) 8.6.4.8329 on OICās training instance.
Completed and successfully passed the assessment for the Guided Learning Paths for Pre-Sales and Sales of Oracle Fusion Advanced Controls (AACG, ETCG, CCG and PCG)
Successfully completed OICās internal training program for Oracle Advanced Controls
Assigned and approved responsibilities requested for users.
Provisioned users in the E- Business Suites
Participated in end user responsibility testing to ensure there are no access issues.
Created custom responsibilities, menus and functions, request groups and validate the design (unit test).Ā
Created responsibility design matrix and reviewed with business users for approval, and updated the matrix when needed.
Created and terminatedĀ OracleĀ user accounts.Ā
Performed remediation of responsibility issues.Ā
Maintained function and data security according to segregation of duties (SOD) rules.Ā
Worked with process owner to review responsibility/roles for SOD violations and suggested best approach in remediating issues.Ā
Captured and consolidated all required and approved design changes and performed configuration.
Managed system access control including user management granting/revocation of access
Administration and maintenance of end user accounts, permissions and access rights
Ensured compliance and applied security updates when applicable and recommended appropriate measures in the event of a violation
Generated regular audits on Active users, Active responsibilities/ Roles and Unsuccessful log attempts
Implemented, maintained and oversaw enforcement of policies, procedures and plans for system security administration and user system access based on industry best practices
JEM-BRIAN Consulting - IT Controls Engineer City, STATE, 01/2005 - 08/2008
Reviewed access control policies and ensure all access issues and violations are resolved in a timely manner.
Multi-tasked and prioritized within a demanding environment by completing multiple assignments while meeting tight deadlines
Performed effectiveness testing of business controls including design and process review for various business cycles such as P2P, Expenditures, Payroll & HR
Ensure that the proposed design met company's business requirements
Interviewed subsidiary management and recommended operational improvements where possible
Mapped companies processes to both COBIT and COSO framework to ensure objectives are met.
Assisted in ensuring that all federal and state regulatory requirements are strongly adhered to.
Recommended remediation strategies for access violations (SOD) and ensure acceptable risk are mitigated and pro-actively review controls for consistency.
Facilitated communications with business customers to gather controls information
Assisted Application Business owners in Risk Assessment and recommended viable solutions in accordance with regulatory statutes
Provided metrics to management regarding compliance with controls requirements
Any information uploaded, such as a resume, or input by the user is owned solely by the user, not LiveCareer. For further information, please visit our Terms of Use.