Cloud Security Architect (IAM)
4 months
London - hybrid
Active SC clearance required
800 - 950 per day, inside IR35
Experience required
Oracle Network
Public Sector
Overall Architect lead on
- Design and Document Cloud Guard configuration
- Design and Document Security Zones setup
- Design and Document Security Advisor configuration
- Design and Document Web Application Firewall configuration
- Design and Document Security Audit setup
Compartment Security
- Design and Define Compartment Security requirement
- Documenting Naming conventions and Tagging Compartments
- Defining the policy statement
- Required rule statement identification and technical definition for new policies
- Compute instance life cycle definition
Bastion Security
- Access control configuration definition
- Node access restriction documentation
- Network restriction definition and documentation
- Host Security (HSM) requirements, configuration, definitions and documentation
Block Volume Security
- Access Policy definitions for user and resources
- Encryption and key requirement definitions
- Cloud Guard detector and responder recipe definitions for block volume
- Process definition and documentation of Encryption key rotation for block volumes
- Incident response process definition for block volume cloud guard notifications
Virtual Machine Security
- Secure network access requirement definitions
- Cloud Guard detector and responder recipe definitions for Compute resources
- Security zone (optional) requirement identification and definition for compute resources
- Process definitions to Respond to problems detected in Cloud Guard
- Identification and definition of compute patch requirement and processes
- Documentation of VSS requirements and processes
- Security audit process definitions
Network Security
- Public and Private subnet technical requirement definition
- WAF, Firewall and API Gateway Security rule definition
- Security zone definition
- Network related IAM policy definition
- IPSec VPN security configuration definition
Object Storage Security
- Secure network access definition for resources
- Identification and definition of Cloud Guard (optional) recipes for Object Storage
- Security zone creation (optional): requirement identification and definitions
- Process definitions to respond to security problems detected in Cloud Guard
- Security Audit process definitions
Zones Security
- Define requirement for compartments and security zones
- Evaluate and define new security zone policies
- Define process for security zone audit
Tag Security
- Define tag namespaces
Securing Vulnerability Scanning
- Define requirement and configuration for service gateway to scan Compute instances that don't have public IP addresses
- Define process for security audit