Oracle HCM Security Lead (Strategy)

Job Description

Oracle HCM Security Lead (Strategy)1 What You'll Do Lead the transition to RBAC across Oracle HCM (Core HR, Payroll, Absence, Time, Talent) and downstream systems with complex integrations. Architect an end-to-end access governance framework, covering application, integration, and data warehouse layers — including Databricks, OAC/OTBI, and 3rd-party data hubs. Define and standardize personas, access tiers, and Areas of Responsibility (AOR) with business process owners. Partner with data platform and analytics teams to align access policies across structured/unstructured data sources used for reporting, workforce intelligence, and ML. Integrate security policies with Okta and identity management tools, ensuring consistent enforcement across apps and data endpoints. Enable secure self-service analytics by implementing column- and row-level security within platforms like OTBI and Databricks, ensuring compliance with SOX, GDPR, and HIPAA. Manage security lifecycle for Oracle HCM and connected platforms: provisioning, auditing, change control, and SoD enforcement. Serve as the employee & candidate data access security authority, participating in solution design, release planning, and cross-functional governance reviews, consulting with legal, HRBPs, comms, and engineering security where applicable Basic Qualifications 10+ years of experience in enterprise security, application governance, or architecture roles with deep expertise in Oracle Fusion HCM and SaaS integration landscapes. Proven experience designing and implementing enterprise RBAC frameworks, with hands-on involvement across apps and data layers. Deep understanding of big data platforms (Databricks, Snowflake, etc.) and how access, classification, and lineage apply in modern data environments. Experience with analytics platform security including OTBI, OAC, and integration with business intelligence tools. Familiarity with identity federation and access policy integration via Okta, Azure AD, or similar tools. Strong understanding of compliance frameworks (SOX, GDPR, HIPAA) and ability to translate policies into technical access controls. Skilled communicator, capable of aligning technical security strategy with business priorities and presenting to senior leadership. Preferred Qualifications Experience with multi-phase Oracle HCM deployments or Workday-to-Oracle transitions. Exposure to data mesh or federated data ownership models. Background in data pipeline security and governance, especially in Databricks, Spark, or similar platforms. Strong knowledge of RACI, persona-based design, and data domain ownership strategies in global organizations. Demonstrated ability to build security into the SDLC, with tools and controls supporting agile SaaS environments.