KEY RESPONSIBILITIES

1. Strategic Leadership & Workshop Facilitation

• Lead and drive the security workstream, including end-to-end planning, resource allocation, and delivery governance.

• Facilitate and chair client workshops and working sessions to elicit business requirements, define access models, and align stakeholder expectations.

• Prepare and present workshop outputs including decision logs, action trackers, and security design documentation.

• Serve as the primary point of contact for all authorization and security-related queries from client stakeholders, functional leads, and project management.

2. Authorization Design & Governance

• Define and govern the overall Authorization Principles and Framework for the Oracle HCM SaaS implementation.

• Design and enforce role-based access control (RBAC) structures, including job roles, duty roles, abstract roles, and data security policies.

• Establish and maintain Segregation of Duties (SoD) conflict matrices and remediation frameworks in alignment with audit and compliance standards.

• Define data security policies governing Person, Payroll, and Workforce Management data access in alignment with organizational hierarchies and business rules.

• Ensure the authorization model aligns with the client's risk appetite, regulatory requirements, and internal governance policies.

3. Configuration, Build & Validation

• Configure and build authorization rules, role hierarchies, and data security policies directly within Oracle HCM SaaS (Fusion).

• Conduct structured validation exercises with business users, functional consultants, and IT stakeholders to confirm access models meet business requirements.

• Perform iterative testing and refinement of roles to address access gaps, over-provisioning, and SoD conflicts identified during validation cycles.

• Manage and govern the Oracle Security Console and associated role management tooling.

4. Documentation & Standards

• Author and maintain comprehensive Authorization Configuration Documentation, including role catalogues, data security policy registers, and access matrices.

• Produce and own the Security Design Document (SDD) and ensure it remains current throughout the project lifecycle.

• Maintain traceability between business requirements, authorization design decisions, and configured rules.

• Develop and enforce documentation standards and templates across the security workstream.

5. User Access Provisioning & Audit Readiness

• Oversee and govern user access provisioning processes, ensuring adherence to the Joiner-Mover-Leaver (JML) framework.

• Lead role design and assignment activities, ensuring roles are fit for purpose and audit-ready.

• Manage access remediation activities, including SoD conflict resolution, excessive access removal, and corrective action tracking.

• Support internal and external audit activities by providing evidence packs, access reports, and control documentation.

• Define and implement Periodic Access Review (PAR) processes and ensure controls are operational post go-live.

6. Risk, Compliance & Governance Alignment

• Ensure all security controls and authorization configurations align with applicable compliance frameworks (e.g, internal IT governance policies).

• Collaborate with the client's Risk, Compliance, and Internal Audit functions to validate security design against control objectives.

• Identify and escalate security risks, gaps, and non-compliant configurations with proposed remediation strategies.

• Provide input to the project's risk register for security-related risks and ensure mitigating actions are tracked to closure.

7. Team Leadership & Technical Mentorship

• Manage and mentor junior and mid-level security team members, providing day-to-day technical guidance and quality oversight.

• Conduct quality assurance reviews of security configurations, documentation, and deliverables produced by team members.

• Foster a high-performance team culture, providing constructive feedback, coaching, and development support.

• Define workstream tasks, estimate effort, and assign responsibilities in alignment with project plans.

8. Testing & Post-Go-Live Support

• Define and execute security testing strategies for System Integration Testing (SIT) and User Acceptance Testing (UAT), including test scenario design and execution.

• Validate access scenarios across all Oracle HCM modules during SIT and UAT phases, ensuring role configurations are consistent with business requirements.

• Triage and resolve complex access and security defects raised during testing cycles, collaborating with functional consultants and technical teams.

• Support hypercare and post-go-live activities, including break-fix resolution, access query management, and security configuration stabilization.

• Contribute to transition activities including handover of security operations to the client's support function.

QUALIFICATIONS & EXPERIENCE

Essential Requirements

• Minimum 10 years of hands-on experience in Oracle HCM (Fusion) Security and Authorization, with at least 2 full end-to-end implementation lifecycles in a lead capacity.

• Deep expertise in Oracle HCM SaaS security architecture, including RBAC, Abstract Roles, Job Roles, Duty Roles, Data Roles, and Oracle Security Console.

• Strong understanding of Oracle HCM modules including Core HR, Payroll, Talent Management, Absence Management, Workforce Management, and Recruiting.

• Proven experience defining and governing data security policies, including Person Security Profiles, Payroll Security Profiles, and Legislative Data Group (LDG) security.

• Demonstrated expertise in SoD conflict identification, management, and remediation within Oracle HCM.

• Experience managing and facilitating client workshops, requirement sessions, and design reviews.

• Proficiency in producing high-quality security documentation, including Security Design Documents, Role Catalogues, and Access Matrices.

• Experience supporting SIT, UAT, and post-go-live security activities including defect triage and access validation.

• Strong stakeholder management skills with the ability to engage effectively with business, IT, and audit functions.

• Experience managing and mentoring security team members in a consulting or project delivery environment.

Desirable / Advantageous

• Oracle Cloud HCM certification in Security or relevant functional modules.