Senior Oracle Cloud Infrastructure Security Architect

Summary

Join New Era Technology for a 11-12-week remote project focused on Oracle Cloud Infrastructure (OCI) Security Architecture. You will interview subject matter experts, develop OCI application infrastructure security reference and solution architectures documentation, and create OCI control compliance and roles & responsibilities documentation. This role requires extensive experience in IAM, IT GRC, vulnerability management, and OCI security architecture and engineering. You will work with various teams to document security requirements, design controls, and define future state roles and responsibilities. Strong communication and collaboration skills are essential, along with a deep understanding of information security capabilities and industry standards. A bachelor's degree is required.

Requirements

• 5 + years IAM and IT GRC and Vulnerability Management experience
• 3+ years OCI security architecture and engineering experience
• 3+ years demonstrated in network and endpoint security
• Understanding of IAM including SSO, IDMS and IGA practices for enterprises
• Experience designing control and engineering the following OCI security services; Identity and Access Management, Web Application Firewall, Security Zones, Vulnerability Scanning, Network Firewall, Cloud Guard, Bastion, Data Safe, Access Governance, Vault and Key Management, Zero Trust Packet Routing
• Ability to interact with IT, application, and business stakeholders to communicate proper security practices
• Experience with current and emerging IT risks and experience implementing security solutions
• Experience developing information security architecture patterns
• Strong understanding of information security capabilities including: PKI/Cryptography, Authentication, Authorization, Vulnerability and configuration management, Multi-factor authentication, single sign-on, identity & access management, B2B/B2C federation, Modern authentication (including password-less), DevSecOps, Identity and Access Management, Federation and Single Sign-On (e.g., SAML, OAuth), Directory Services Authentication Protocols (e.g., LDAPS, Kerberos, etc.), API Security including API Gateway Security, User and Entity Behavioral Analytics, Reverse proxy architecture and third-party authentication architecture
• Understanding of industry and leading practices including industry standards such as the National Institute for Standards and Technology (NIST) Special Publication (SP) 800-63 and NIST Cybersecurity Framework (CSF)
• Experience with major IAM platforms such as: Microsoft Active Directory, IDS/IPS, NGFW, Packet Aggregation Technology (Network Packet Broker), SSL decryption technology and PKI, Wireless Security, Web application firewalls and proxies, Endpoint security, Software defined networking security and micro segmentation
• Experience working with Enterprise Architecture standards and processes
• Experience with regulatory requirements such as PCI, GLBA, HIPAA, and SOX
• Proven experience with creation of technical diagrams and documentation
• Experience with threat modeling
• Excellent written and verbal communication skills
• Ability to work as liaison between business and information security/information technology
• Bachelor's degree (BA/BS) from four-year college or university; or equivalent training, education, and work experience

Responsibilities

• Work with IAM, Security engineering and Network operations teams to understand target state OCI PaaS and IaaS services
• Guide teams for process and technical control requirements for OCI
• Document security requirements for OCI PaaS and IaaS services
• Develop high level and low-level control designs (security architecture diagrams)
• Document future state roles & responsibilities, security engineering and operations staffing levels and compliance

Preferred Qualifications

• Python scripting
• SIEM and Data Analytics
• Email Security
• DLP
• Mobile Security
• Virtualization Security
• Cloud Orchestration Security
• Encryption
• Privilege Access Management
• Threat modeling (e.g., using MITRE’s ATT&CK threat framework)
• Customer authentication and anti-fraud control design
• Excellent interpersonal communication skills with strong spoken and written English
• Organized with attention to detail
• Business outcomes mindset
• Solid balance of strategic thinking with detailed orientation
• Collaborative team worker – both in person and virtually using MS Teams or similar
• CISSP, CISM, or equivalent certification a plus

Benefits

Remote work