Overall Architect lead on
* Design and Document Cloud Guard configuration
* Design and Document Security Zones setup
* Design and Document Security Advisor configuration
* Design and Document Web Application Firewall configuration
* Design and Document Security Audit setup
Compartment Security
* Design and Define Compartment Security requirement
* Documenting Naming conventions and Tagging Compartments
* Defining the policy statement
* Required rule statement identification and technical definition for new policies
* Compute instance life cycle definition
Bastion Security
* Access control configuration definition
* Node access restriction documentation
* Network restriction definition and documentations
* Host Security (HSM) requirement, configurations, definitions and documentations
Block Volume Security
* Access Policy definitions for user and resources
* Encryption and key requirement definitions
* Cloud guard detector and responder recipe definitions for block volume
* Process definition and documentation of Encryption key rotation for block volumes
* Incident response process definition for block volume cloud guard notifications
Virtual Machine Security
* Secure network access requirement definitions
* Cloud guard detector and responder recipe definitions for Compute resources
* security zone (optional) requirement identification and definition for compute resources
* Process definitions to Respond to problems detected in Cloud Guard
* Identification and definition of compute patch requirement and processes
* Documentation of VSS requirements and processes
* security audit process definitions
Network Security
* Public and Private subnet technical requirement definition
* WAF, Firewall and API Gateway Security rule definition
* Security zone definition
* Network related IAM policy definition
* IPSec VPN security configuration definition
Object Storage Security
* Secure network access definition for resources
* Identification and definition of Cloud Guard (optional) recipes for Object Storage
* Create a security zone (optional) requirement identification and definitions
* Process definitions to respond to security problems detected in Cloud Guard
* Security Audit process definitions
Zones Security
* Define requirement for compartments and security zones
* Evaluate and define new security zone policies
* Define process for security zone audit
Tag Security
* Define tag namespaces
Securing Vulnerability Scanning
* Define requirement and configuration for service gateway to scan Compute instances that don't have public IP addresses.
* Define process for security audit
Due to the nature and urgency of this post, candidates holding or who have held high level security clearance in the past are most welcome to apply. Please note successful applicants will be required to be security cleared prior to appointment which can take up to a minimum 10 weeks. LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds.
Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queens Award for Enterprise: International Trade, for the second consecutive period.
