OCI Security & Infrastructure Consultant

Job Description:

• Configure and maintain OCI infrastructure components including compute, networking (VCNs, subnets, gateways), storage, and load balancers.
• Design, deploy, and maintain multi‑cloud networking (Egress and Workload VCNs, firewall/NAT gateways, AWS transit), enforcing traffic‑control policies.
• Implement and manage OCI Identity and Access Management (IAM) policies, compartments, dynamic groups, and federation.
• Harden OCI infrastructure according to CIS Benchmarks and cloud security best practices.
• Apply security patches and manage updates across OCI-hosted applications and services.
• Design and operate an end‑to‑end monitoring, alerting, and reliability stack (Datadog, OCI Metrics, PagerDuty) with SLO/SLA tracking and cost optimization.
• Monitor and respond to security alerts and events from OCI tools like Cloud Guard, Logging, and Security Zones.
• Build and maintain an Infrastructure‑as‑Code pipeline: Terraform Cloud for resource provisioning, GitHub for source control, GitHub Actions for CI/CD.
• Orchestrate configuration and patch management at scale with Ansible Automation Platform.
• Configure and maintain backup, disaster recovery, and high availability setups within the OCI environment.
• Perform regular reviews of access, entitlements, and audit logs to ensure least privilege and policy compliance.
• Assist with security incident investigations and remediation within the OCI environment.
• Work closely with security and infrastructure teams to enforce secure controls and infrastructure best practices (IaC, etc)
• Collaborate with developers, integration engineers, finance, and security stakeholders to improve reliability and expand OCI capabilities.
• Actively monitor, assess and recommend tactical and strategic initiatives based on new and emerging threats posing risk to cloud computing environments.
• Manage remediation efforts after security assessment findings outline weaknesses requiring attention.
• Provide documentation and knowledge transfer to internal teams.

Required Qualifications:

• Experience working with security tools like teleport, crowdstrike EDR, tenable, SIEM etc
• 5+ years of experience in cybersecurity or related engineering roles.
• 3+ years hands-on experience specifically with Oracle Cloud Infrastructure (OCI).
• Strong understanding of OCI networking, IAM, compartments, security lists, and resource management.
• Experience with OCI-native security services (e.g., Cloud Guard, Security Zones, Logging, Vault).
• Proficiency in infrastructure-as-code tools (Terraform preferred).
• Experience in Ansible Automation Platform or other configuration management tooling.
• Solid understanding of security best practices, including least privilege access, encryption, system hardening, vulnerability management and key management.
• Familiarity with compliance requirements (e.g., ISO 27001, SOC 2, HIPAA) as they apply to OCI.
• Experience supporting production-grade workloads in a cloud environment.
• Scripting knowledge (e.g., Bash, Python) for automation and monitoring.

Preferred Qualifications:

• OCI Certified Architect or OCI Certified Security Professional.
• Prior experience integrating OCI with SIEM tools (e.g., Splunk, QRadar).
• Experience working in hybrid environments (on-prem + OCI).
• Experience with Monitoring and Alert tools (Pref: Datadog)
• Experience with logging pipelines and log manipulation (Pref: Cribl Stream)
• Experience with Github and Github Actions CI/CD and DevSecOps processes and tooling.
• Experience with AWS Networking and multi-cloud connectivity is a bonus.

Salary Range

$98,040.00 - $154,800.00 USD (Salary)

• Please note that the salary information provided herein is base pay only (gross); it does not include other forms of compensation which may or may not apply to this specific position, namely, performance-based bonuses, benefits-related payments, or other general incentives - none of which are guaranteed, may be subject to specific eligibility requirements, and are wholly within the discretion of Astreya to remit.
• Further, the salary information noted above is a range that consists of a minimum and maximum rate of pay for this specific position. Where an applicant or employee is placed on this range will depend and be contingent on objective, documented work-related considerations like education, experience, certifications, licenses, preferred qualifications, among other factors.

Astreya offers comprehensive benefits to all Regular, Full-Time Employees, including:

• Medical provided through Cigna (PPO, HSA, EPO options) / Medical provided through Kaiser (HMO option only) for California employees only
• Dental provided through Cigna (DPPO & DHMO options)
• Nationwide Vision provided through VSP
• Flexible Spending Account for Health & Dependent Care
• Pre-Tax Account for Commuter Benefit/Parking & Transit (location-specific)
• Continuing Education and Professional Development via various integrated platforms, e.g. Udemy and Coursera

• Corporate Wellness Program

• Employee Assistance Program

• Wellness Days

• 401k Plan

• Basic Life, Accidental Life, Supplemental Life Insurance
• Short Term & Long Term Disability
• Critical Illness, Critical Hospital, and Voluntary Accident Insurance
• Tuition Reimbursement (available 6 months after start date, capped)
• Paid Time Off (accrued and prorated, maximum of 120 hours annually)

• Paid Holidays

• Any other statutory leaves, paid time, or other fringe benefits required under state and federal law