OCI Security and Infrastructure Consultant

1. Configure and maintain OCI infrastructure components including compute, networking (VCNs, subnets, gateways), storage, and load balancers.
2. Design, deploy, and maintain multi-cloud networking (Egress and Workload VCNs, firewall/NAT gateways, AWS transit), enforcing traffic-control policies.
3. Implement and manage OCI Identity and Access Management (IAM) policies, compartments, dynamic groups, and federation.
4. Harden OCI infrastructure according to CIS Benchmarks and cloud security best practices.
5. Apply security patches and manage updates across OCI-hosted applications and services.
6. Design and operate an end-to-end monitoring, alerting, and reliability stack (Datadog, OCI Metrics, PagerDuty) with SLO/SLA tracking and cost optimization.
7. Monitor and respond to security alerts and events from OCI tools like Cloud Guard, Logging, and Security Zones.
8. Build and maintain an Infrastructure as Code pipeline: Terraform Cloud for resource provisioning, GitHub for source control, GitHub Actions for CI/CD.
9. Orchestrate configuration and patch management at scale with Ansible Automation Platform.
10. Configure and maintain backup, disaster recovery, and high availability setups within the OCI environment.
11. Perform regular reviews of access, entitlements, and audit logs to ensure least privilege and policy compliance.
12. Assist with security incident investigations and remediation within the OCI environment.
13. Work closely with security and infrastructure teams to enforce secure controls and infrastructure best practices (IaC, etc).
14. Collaborate with developers, integration engineers, finance, and security stakeholders to improve reliability and expand OCI capabilities.
15. Actively monitor, assess, and recommend tactical and strategic initiatives based on new and emerging threats posing risks to cloud computing environments.
16. Manage remediation efforts after security assessment findings outline weaknesses requiring attention.
17. Provide documentation and knowledge transfer to internal teams.

1. Experience working with security tools like teleport, crowdstrike EDR, tenable, SIEM, etc.
2. 5+ years of experience in cybersecurity or related engineering roles.
3. 3+ years hands-on experience specifically with Oracle Cloud Infrastructure (OCI).
4. Strong understanding of OCI networking, IAM, compartments, security lists, and resource management.
5. Experience with OCI-native security services (e.g., Cloud Guard, Security Zones, Logging, Vault).
6. Proficiency in infrastructure-as-code tools (Terraform preferred).
7. Experience in Ansible Automation Platform or other configuration management tooling.
8. Solid understanding of security best practices, including least privilege access, encryption, system hardening, vulnerability management, and key management.
9. Familiarity with compliance requirements (e.g., ISO 27001, SOC 2, HIPAA) as they apply to OCI.
10. Experience supporting production-grade workloads in a cloud environment.
11. Scripting knowledge (e.g., Bash, Python) for automation and monitoring.

1. OCI Certified Architect or OCI Certified Security Professional.
2. Prior experience integrating OCI with SIEM tools (e.g., Splunk, QRadar).
3. Experience working in hybrid environments (on-prem + OCI).
4. Experience with Monitoring and Alert tools (Pref: Datadog).
5. Experience with logging pipelines and log manipulation (Pref: Cribl Stream).
6. Experience with Github and Github Actions CI/CD and DevSecOps processes and tooling.
7. Experience with AWS Networking and multi-cloud connectivity is a bonus.

DeWinter Group and Maris Consulting are an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. We post pay scales which are based on our client pay ranges. DeWinter, Maris, and our clients have the right to modify the requirements of the role which can impact the pay ranges posted.