Design and maintain the security model for the Oracle Fusion ERP applications (Financials, Procurement, Projects, Supply Chain, etc) including: roles, role hierarchies, privileges, duty conflicts, access groups and approval workflows.
Define, implement and manage Segregation of Duties (SoD) rules, mitigating controls and compensating controls aligned with corporate policy, regulatory requirements (SOX, GDPR, etc).
Lead the access provisioning lifecycle: joiner-mover-leaver processes, periodic access reviews, and cleanup of orphaned or dormant accounts.
Collaborate with functional consultants, business process owners and the IT delivery team to ensure security requirements are embedded in new module implementations, configuration changes, integration projects and upgrades.
Develop, maintain and execute security-related audit, monitoring and reporting: user access logging, role usage analytics, SoD violation reports, risk dashboards, remediation tracking and executive reporting.
Drive the design and implementation of controls (both automated and manual) within the ERP environment to safeguard data integrity, confidentiality and availability.
Provide subject matter guidance to internal audit, external auditors and control testing teams, prepare documentation, support walkthroughs and control assessments.
Define and deliver training, documentation and knowledge transfer for security processes, role maintenance, access requests and control awareness for business and IT stakeholders.
Stay current with Oracle's cloud security best practices, new features, patches and regulatory changes, and propose improvements to the security posture of the ERP ecosystem.
Required Skills & Experience
Bachelor's degree in Computer Science, Information Systems, Business Administration or related field. Master's preferred.
~ 2 to 3 years of relevant experience in ERP security & controls -- ideally with experience on Oracle Fusion Cloud ERP (or earlier Oracle Cloud Applications) or equivalent.
Strong expertise in ERP security model design: roles?privileges, access groups, duty conflicts, data security policy, role mining/optimisation.
Hands-on experience with provisioning and identity management frameworks, access review processes, SoD tools (e.g., Oracle GRC Cloud, SAP GRC, or similar).
Deep understanding of internal controls, SOX compliance, audit requirements, risk management in the cloud SaaS context.
Proven track record of working with business stakeholders, translating business process needs into secure access designs and controls.
Excellent communication and stakeholder management skills: able to present to senior management and audit/finance teams.
Strong analytical and problem-solving skills; ability to lead workshops, role-mapping sessions and resolve complex access/design issues.
Comfortable working in an agile delivery model or hybrid governance/delivery model (given your experience in IT services portfolio management).
Any relevant certifications would be an added advantage.
Interested candidates are invited to submit their resume to Email: