Oracle HCM Security Lead (Strategy)

What You'll Do

• Lead the transition to RBAC across Oracle HCM (Core HR, Payroll, Absence, Time, Talent) and downstream systems with complex integrations.
   

• Architect an end-to-end access governance framework, covering application, integration, and data warehouse layers — including Databricks, OAC/OTBI, and 3rd-party data hubs.
   

• Define and standardize personas, access tiers, and Areas of Responsibility (AOR) with business process owners.
   

• Partner with data platform and analytics teams to align access policies across structured/unstructured data sources used for reporting, workforce intelligence, and ML.
   

• Integrate security policies with Okta and identity management tools, ensuring consistent enforcement across apps and data endpoints.
   

• Enable secure self-service analytics by implementing column- and row-level security within platforms like OTBI and Databricks, ensuring compliance with SOX, GDPR, and HIPAA.
   

• Manage security lifecycle for Oracle HCM and connected platforms: provisioning, auditing, change control, and SoD enforcement.
   

• Serve as the employee & candidate data access security authority, participating in solution design, release planning, and cross-functional governance reviews, consulting with legal, HRBPs, comms, and engineering security where applicable
   

Basic Qualifications

• 10+ years of experience in enterprise security, application governance, or architecture roles with deep expertise in Oracle Fusion HCM and SaaS integration landscapes.
   

• Proven experience designing and implementing enterprise RBAC frameworks, with hands-on involvement across apps and data layers.
   

• Deep understanding of big data platforms (Databricks, Snowflake, etc.) and how access, classification, and lineage apply in modern data environments.
   

• Experience with analytics platform security including OTBI, OAC, and integration with business intelligence tools.
   

• Familiarity with identity federation and access policy integration via Okta, Azure AD, or similar tools.
   

• Strong understanding of compliance frameworks (SOX, GDPR, HIPAA) and ability to translate policies into technical access controls.
   

• Skilled communicator, capable of aligning technical security strategy with business priorities and presenting to senior leadership.
   

Preferred Qualifications

• Experience with multi-phase Oracle HCM deployments or Workday-to-Oracle transitions.
   

• Exposure to data mesh or federated data ownership models.
   

• Background in data pipeline security and governance, especially in Databricks, Spark, or similar platforms.
   

• Strong knowledge of RACI, persona-based design, and data domain ownership strategies in global organizations.
   

• Demonstrated ability to build security into the SDLC, with tools and controls supporting agile SaaS environments.