Security Engineer

We require a security engineer able to participate in a multi-disciplinary delivery team where responsibilities are fluid and aligned to evolving delivery priorities across multiple workstreams. There will be close collaboration with consulting and customer platform engineers, architects, and a requirement to contribute security expertise wherever it is most needed: tenancy design, creating and reviewing terraform code, supporting workload deployments. A balance between hands-on delivery and advisory input is need. The security engineer will be expected to proactively identify security gaps. The approach must be pragmatic and delivery focused. Success in this environment requires adaptability, clear communication, and a willingness to take ownership across traditional role boundaries, ensuring that security is consistently embedded into all aspects of the solution without becoming a bottleneck to progress.

In more detail:

The role will focus primarily on delivering secure configurations into both new and existing OCI tenancies, establishing robust, repeatable cloud foundations that enable rapid, multi-workstream delivery. The immediate priority is to assist with the design and then implement secure baseline tenancy configurations-including IAM, networking, and core platform controls-upon which services such as logging, monitoring, and OKE can be reliably built.

Must-Have Skills and Experience

• Strong hands-on experience with Oracle Cloud Infrastructure (OCI), particularly in tenancy-level and foundational configuration, including:
• Compartment design and structuring
• Identity and Access Management (IAM), policies, and dynamic groups
• Core networking (VCNs, subnets, routing, gateways, NSGs, security lists)
• Secure configuration of compute and storage services
• Proven experience establishing secure baseline configurations for new cloud tenancies, as well as improving and standardising existing environments
• Experience implementing security guardrails and controls in OCI, including Cloud Guard, Security Zones, Vault, and WAF where appropriate
• Solid experience with Infrastructure as Code (IaC) using HashiCorp Terraform, including use of Terraform Cloud for managing and deploying OCI configurations
• Experience working with GitHub-based repositories and workflows, including pull requests, branching strategies, and code reviews
• Strong understanding of secure cloud design principles, including least privilege, segmentation, encryption, and secure service access
• Experience designing and implementing OCI networking architectures that support secure, scalable workloads
• Practical experience implementing logging and monitoring in OCI, including: Enabling OCI Logging and Logging Analytics, Defining log collection and retention strategies, Supporting audit and security visibility requirements
• Experience integrating logging and monitoring into security operations, including alerting and basic incident response support
• Working knowledge of Oracle Kubernetes Engine (OKE) and container security fundamentals
• Ability to operate effectively in a consulting/delivery environment, engaging with customer teams and other Oracle Consulting delivery workstreams to guide, influence, and implement improvements
• Experience working in iterative/agile delivery models, delivering incremental, production-ready improvements
• Scripting/automation skills (e.g., Python, Bash) to support repeatability and operational efficiency

Nice-to-Have Skills and Experience

• Stronger depth in OCI Logging Analytics, including building dashboards, queries, and security use cases
• Experience designing standardised tenancy blueprints or landing zones in OCI
• Familiarity with advanced OCI security features, including custom Cloud Guard detector and responder recipes
• Experience with OCI Vault and enterprise key management patterns
• Deeper experience with OKE security, including: Network policies, Pod security controls, Secrets management
• Familiarity with CIS benchmarks for OCI and applying them in real environments
• Relevant OCI certifications (e.g., Architect Associate/Professional, Security)
• Exposure to threat modelling or risk assessment for cloud platform designs