Job description
Private Advertiser is seeking an experienced Oracle HCM Fusion Application Security Architect to lead security strategy for Oracle HCM Fusion SaaS deployments in Singapore. This contract role focuses on designing, implementing, and governing robust Authorization Principles and Security Frameworks across the HCM modules (Core HR, Payroll, Benefits, Talent) to protect sensitive employee data and ensure regulatory compliance.
You will partner with security, governance, privacy, and cloud operations teams to define secure-by-design patterns, manage identity and access controls, and implement modern authentication, federation, and entitlement management. Your work will span the full lifecycle from secure configuration of Oracle Cloud Infrastructure to secure integrations, APIs, and third-party connections, ensuring governance across development, testing, and production environments.
As a trusted advisor, you will own threat modeling, risk assessments, and security reviews for new HCM integrations and data exchanges. You will develop and maintain security policies, playbooks, and incident response procedures; lead security audits during upgrades and patches, and coach delivery teams on secure coding and release practices. You will also champion privacy by design and ensure compliance with PDPA and other regional standards while continuously monitoring security postures through metrics and automated controls. The role demands strong communication with stakeholders across technology, security, and business units and a proactive approach to risk management in a fast-changing cloud environment.
Responsibility
- Lead design, implementation, and governance of Authorization Principles and Security Framework for Oracle HCM Fusion SaaS deployments.
- Define robust access control models (RBAC/ABAC), entitlement management, and secure federation (SSO, MFA) across Oracle HCM modules.
- Collaborate with security, IT, and product teams to embed security-by-design in integrations, customizations, and upgrade cycles for Oracle Cloud HCM.
- Conduct threat modeling, risk assessments, and security reviews for new HCM integrations, data exchanges, and APIs; champion secure coding practices.
- Develop, publish, and maintain security policies, standards, playbooks, and incident response procedures; lead incident management when required.
- Ensure compliance with data privacy regulations (PDPA in Singapore) and industry standards (NIST/ISO) in all Oracle HCM deployments.
- Monitor and improve security posture through continuous monitoring, vulnerability assessments, penetration testing coordination, and security metrics.
- Manage vendor and third-party risk related to cloud-based HR solutions and integrations.
Qualification
- Bachelor's degree in Computer Science, Information Security, or equivalent; 8+ years in information security with at least 3-5 years in application security architecture for cloud-based ERP/HCM solutions.
- Strong knowledge of Oracle HCM Fusion architecture, Oracle Cloud Infrastructure (OCI), and identity management technologies.
- Expertise in RBAC/ABAC, SSO, MFA, OAuth2, OpenID Connect, and secure API design.
- Experience with cloud security frameworks (NIST, ISO 27001) and risk management; ability to perform threat modeling and security risk assessments.
- Professional certifications such as CISSP, CISM, CCSK, or equivalent.
- Excellent communication and stakeholder management skills; ability to work across regions and with vendors.
- Willingness to work on-site in Singapore or remotely as required; eligible to work in Singapore.