RQ08904 - Technology Architect - Senior

Role Overview:

As the Senior Lead Security Architect for OCI you will spearhead security-by-design consultative engagements and develop reusable repeatable cloud application patterns tailored to Oracle Cloud Infrastructure. You ll lead client-facing assessments drive secure by design architecture reviews and ensure robust security controls across OCI environments.

Key Responsibilities:

• Lead enterprise security-architecture and design reviews for OCI-based solutions (IaaS PaaS SaaS).
  
• Perform client engagements: threat modeling gap analysis risk assessments and security-control recommendations aligned to internal standards.
  
• Develop and maintain reusable security reference architectures and deployment patterns for OCI workloads.
  
• Collaborate with application network and operations teams to translate business requirements into secure solution designs.
  
• Advise on and validate implementation of OCI security services Identity and Access Management Vault (KMS) Data Safe Cloud Guard Web Application Firewall Logging & Monitoring.
  
• Integrate OCI environments with enterprise SIEM platforms (Splunk Cloud) and SOAR workflows.
  
• Facilitate architecture review boards design-approval gates and governance processes.
  
• Stay current on OCI service enhancements and industry best practices to continuously evolve the security architecture.
  

General Skills:

• Leadership in developing and implementing technical security architectures
  
• Experience across multiple cloud platforms (AWS Azure GCP OCI) and enterprise security services
  
• Strong understanding of application architecture networking and security operations
  
• Proficiency with structured methodologies for cloud application design and deployment
  
• Systems analysis and design experience within large secure solution environments
  
• Familiarity with ITIL processes and the ability to guide teams in its application
  
• Ability to translate business requirements into technical security solutions
  
• Expertise preparing conceptual logical and physical process and data models
  
• Track record of developing recommending and managing technical security architecture
  
• Awareness of emerging technologies industry trends and best practices
  
• Excellent analytical problem-solving decision-making and negotiation skills
  
• Clear verbal and written communication; strong interpersonal and stakeholder-management abilities
  
• Team player with a proven record of meeting deadlines and collaborating across disciplines
  
• Solid understanding of information-management security principles concepts policies and practices
  

Requirements

Experience and Skill Set Requirements:

Must Haves:

• Security architecture and design with Oracle Cloud Infrastructure.
  
• Client Relationship Building skills.
  

Skill Set Requirements:

OCI Specific Security Experience and Controls:

• Identity & Access Management: OCI IAM policies compartments SSO MFA PKI
  
• Data Security: Oracle Vault (KMS) Data Safe (encryption activity monitoring) Transparent Data Encryption Tokenization
  
• Threat Detection & Remediation: Cloud Guard Web Application Firewall Logging & Monitoring
  
• Network Security: Virtual Cloud Networks Network Security Groups firewalls SASE architectures
  
• SIEM & CSOC Integration: Splunk Cloud SOAR orchestration alerting and response workflows
  

Senior Architecture & Design Expertise:

• Threat modeling and secure-by-design reference architectures for OCI workloads (IaaS PaaS SaaS)
  
• Frameworks: TOGAF NIST CSF CIS Controls SACM
  
• Infrastructure as code: Terraform OCI CLI/SDK DevSecOps pipelines
  
• Development of reusable cloud security patterns design-review workshops and governance gates
  
• Production of conceptual logical and physical architecture diagrams and documentation
  

Agile Delivery & Collaboration:

• Hands-on experience in Agile teams: backlog grooming user stories Scrum ceremonies sprint delivery
  
• Stakeholder engagement: business owners DevOps enterprise architects vendor partners
  
• Clear articulation of complex security concepts to both technical and non-technical audiences
  

Public Sector & Regulatory:

• Previous public sector work experience is considered a positive
  
• Prior work in government or regulated industries (e.g. FIPPA SOC 2 PCI DSS) is an asset