Senior Oracle Cloud Infrastructure Security Architect
Remote
Contracted
Experienced
About the opportunity:
With focus on Oracle Cloud Infrastructure (OCI) Security Architecture. Interview SMEs then develop target state OCI application infrastructure security reference and solution architectures documentation, as well as OCI control compliance and roles & responsibilities documentation. This is a 11-12-week remote project opportunity.
Primary Duties:
Preferred Skills:
Required Education
Travel:
Qualifications:
To perform the job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed above are representative of the knowledge, skill and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
This job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee. Other duties, responsibilities and activities may change or be assigned at any time with or without notice.
EEO/AA Statement:
New Era Technology provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, national origin, religion, pregnancy, marital status, gender identity, age, physical or mental disability, or covered veteran status.
In addition to federal law requirements, New Era Technology complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.
With focus on Oracle Cloud Infrastructure (OCI) Security Architecture. Interview SMEs then develop target state OCI application infrastructure security reference and solution architectures documentation, as well as OCI control compliance and roles & responsibilities documentation. This is a 11-12-week remote project opportunity.
Primary Duties:
- Work with IAM, Security engineering and Network operations teams to understand target state OCI PaaS and IaaS services.
- Guide teams for process and technical control requirements for OCI.
- Document security requirements for OCI PaaS and IaaS services.
- Develop high level and low-level control designs (security architecture diagrams)
- Document future state roles & responsibilities, security engineering and operations staffing levels and compliance.
- 5 + years IAM and IT GRC and Vulnerability Management experience.
- 3+ years OCI security architecture and engineering experience.
- 3+ years demonstrated in network and endpoint security.
- Understanding of IAM including SSO, IDMS and IGA practices for enterprises.
- Experience designing control and engineering the following OCI security services;
- Identity and Access Management
- Web Application Firewall
- Security Zones
- Vulnerability Scanning
- Network Firewall
- Cloud Guard
- Bastion
- Data Safe
- Access Governance
- Vault and Key Management
- Zero Trust Packet Routing
- Ability to interact with IT, application, and business stakeholders to communicate proper security practices.
- Experience with current and emerging IT risks and experience implementing security solutions.
- Experience developing information security architecture patterns.
- Strong understanding of information security capabilities including:
- PKI/Cryptography
- Authentication
- Authorization
- Vulnerability and configuration management
- Multi-factor authentication, single sign-on, identity & access management, B2B/B2C federation.
- Modern authentication (including password-less)
- DevSecOps
- Identity and Access Management
- Federation and Single Sign-On (e.g., SAML, OAuth)
- Directory Services Authentication Protocols (e.g., LDAPS, Kerberos, etc.)
- API Security including API Gateway Security
- User and Entity Behavioral Analytics
- Reverse proxy architecture and third-party authentication architecture
- Understanding of industry and leading practices including industry standards such as the National Institute for Standards and Technology (NIST) Special Publication (SP) 800-63 and NIST Cybersecurity Framework (CSF)
- Experience with major IAM platforms such as:
- Microsoft Active Directory
- IDS/IPS
- NGFW
- Packet Aggregation Technology (Network Packet Broker)
- SSL decryption technology and PKI
- Wireless Security
- Web application firewalls and proxies
- Endpoint security
- Software defined networking security and micro segmentation
- Experience working with Enterprise Architecture standards and processes
- Experience with regulatory requirements such as PCI, GLBA, HIPAA, and SOX
- Proven experience with creation of technical diagrams and documentation
- Experience with threat modeling
- Excellent written and verbal communication skills
- Ability to work as liaison between business and information security/information technology
- Experience working with Enterprise Architecture standards and processes
- Experience with regulatory requirements such as PCI, GLBA, HIPAA and SOX
- Proven experience with creation of technical diagrams and documentation
- Experience with threat modeling
- Excellent written and verbal communication skills
- Ability to work as liaison between business and information security/information technology
Preferred Skills:
- Python scripting
- SIEM and Data Analytics
- Email Security
- DLP
- Mobile Security
- Virtualization Security
- Cloud Orchestration Security
- Encryption
- Privilege Access Management
- Threat modeling (e.g., using MITRE’s ATT&CK threat framework)
- Customer authentication and anti-fraud control design
- Excellent interpersonal communication skills with strong spoken and written English.
- Organized with attention to detail.
- Business outcomes mindset.
- Solid balance of strategic thinking with detailed orientation.
- Collaborative team worker – both in person and virtually using MS Teams or similar.
- CISSP, CISM, or equivalent certification a plus.
Required Education
- Bachelor's degree (BA/BS) from four-year college or university; or equivalent training, education, and work experience.
- Cybersecurity certifications such as CISSP, CISM, etc.
Travel:
- No Travel
Qualifications:
To perform the job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed above are representative of the knowledge, skill and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
This job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee. Other duties, responsibilities and activities may change or be assigned at any time with or without notice.
EEO/AA Statement:
New Era Technology provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, national origin, religion, pregnancy, marital status, gender identity, age, physical or mental disability, or covered veteran status.
In addition to federal law requirements, New Era Technology complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.
Apply for this position
Required*