Job Information
Oracle Cloud Security Consultant in MUMBAI, India
Job Description
Role summary
Designs, implements and governs cloud solutions on Oracle Cloud Infrastructure (OCI), ensuring security, scalability, reliability, cost efficiency across enterprise workloads, manage Oracle database platforms on OCI, ensuring performance, availability, security, and lifecycle management across mission-critical workloads.
Key responsibilities
Cloud architecture & design: Create end-to-end OCI reference architectures for new and existing workloads (IaaS/PaaS), including landing zones and multi-tier applications.
Networking: Design VCN architecture (subnets, route tables, security lists/NSGs), DRGs, IPSec/FastConnect, load balancers, DNS, private endpoints, and network segmentation.
Identity & security: Implement IAM (compartments, policies, dynamic groups), MFA/SSO integration, key management (OCI Vault/KMS), secret management, encryption, and security posture management.
Governance & standards: Define tagging strategy, compartment model, guardrails, and architecture standards aligned to enterprise compliance needs.
Resilience & DR: Build HA/DR designs across availability and fault domains, regions, backup strategy, and recovery runbooks (RTO/RPO).
Automation & DevOps: Use IaC (Terraform), CI/CD pipelines, configuration management, and operational automation; promote reusable modules and patterns.
Observability & operations: Implement logging, monitoring, alarms, tracing, and capacity planning; establish SRE-style operational practices.
Migration & modernization: Lead assessments and migrations (on-prem to OCI), including rehost/refactor decisions and performance tuning.
Cost management: Implement FinOps practices—right-sizing, budgets, quotas, reserved capacity where applicable, and chargeback/showback.
Stakeholder engagement: Partner with app teams, security, network, and leadership; produce architecture artifacts and lead design reviews.
OCI database platform strategy: Define reference architectures and standards for Autonomous Database, Exadata Database Service, OCI DB Systems, and related HA/DR patterns.
Workload assessment & service fit: Recommend the best OCI database service for OLTP/analytics/mixed workloads, factoring performance, cost, operational ownership, and licensing (BYOL vs license included).
HA/DR architecture: Architect and govern RAC/Data Guard/Active Data Guard (as applicable), backup strategy (RMAN/backups), cross-region DR, and regular failover testing.
Performance architecture & tuning: Lead sizing, AWR/ASH-based tuning, SQL optimization, indexing/partitioning strategy, connection management, and throughput/latency validation.
Implement and govern TDE (tablespace/column), TLS in transit, and secure wallet/keystore management.
Define key rotation, custody, and lifecycle processes using approved KMS solutions (e.g., OCI Vault).
Ensure encryption coverage for backups, replicas, exports, and data movement.
Required skills/experience
Strong experience with OCI core services: Compute, Networking, Block/Object Storage, IAM, Load Balancing, Vault, Monitoring/Logging.
Proven cloud architecture experience (enterprise scale), including multi-account/compartment governance.
Hands-on with Terraform (preferred) and automation tooling.
Solid understanding of security and compliance principles (least privilege, encryption, auditability).
Experience designing HA/DR and operational runbooks.
Experience in Audit Vault and Database Firewall, Oracle Data Safe and DB Vault.
Responsibilities
Role summary
Designs, implements and governs cloud solutions on Oracle Cloud Infrastructure (OCI), ensuring security, scalability, reliability, cost efficiency across enterprise workloads, manage Oracle database platforms on OCI, ensuring performance, availability, security, and lifecycle management across mission-critical workloads.
Key responsibilities
Cloud architecture & design: Create end-to-end OCI reference architectures for new and existing workloads (IaaS/PaaS), including landing zones and multi-tier applications.
Networking: Design VCN architecture (subnets, route tables, security lists/NSGs), DRGs, IPSec/FastConnect, load balancers, DNS, private endpoints, and network segmentation.
Identity & security: Implement IAM (compartments, policies, dynamic groups), MFA/SSO integration, key management (OCI Vault/KMS), secret management, encryption, and security posture management.
Governance & standards: Define tagging strategy, compartment model, guardrails, and architecture standards aligned to enterprise compliance needs.
Resilience & DR: Build HA/DR designs across availability and fault domains, regions, backup strategy, and recovery runbooks (RTO/RPO).
Automation & DevOps: Use IaC (Terraform), CI/CD pipelines, configuration management, and operational automation; promote reusable modules and patterns.
Observability & operations: Implement logging, monitoring, alarms, tracing, and capacity planning; establish SRE-style operational practices.
Migration & modernization: Lead assessments and migrations (on-prem to OCI), including rehost/refactor decisions and performance tuning.
Cost management: Implement FinOps practices—right-sizing, budgets, quotas, reserved capacity where applicable, and chargeback/showback.
Stakeholder engagement: Partner with app teams, security, network, and leadership; produce architecture artifacts and lead design reviews.
OCI database platform strategy: Define reference architectures and standards for Autonomous Database, Exadata Database Service, OCI DB Systems, and related HA/DR patterns.
Workload assessment & service fit: Recommend the best OCI database service for OLTP/analytics/mixed workloads, factoring performance, cost, operational ownership, and licensing (BYOL vs license included).
HA/DR architecture: Architect and govern RAC/Data Guard/Active Data Guard (as applicable), backup strategy (RMAN/backups), cross-region DR, and regular failover testing.
Performance architecture & tuning: Lead sizing, AWR/ASH-based tuning, SQL optimization, indexing/partitioning strategy, connection management, and throughput/latency validation.
Implement and govern TDE (tablespace/column), TLS in transit, and secure wallet/keystore management.
Define key rotation, custody, and lifecycle processes using approved KMS solutions (e.g., OCI Vault).
Ensure encryption coverage for backups, replicas, exports, and data movement.
Required skills/experience
Strong experience with OCI core services: Compute, Networking, Block/Object Storage, IAM, Load Balancing, Vault, Monitoring/Logging.
Proven cloud architecture experience (enterprise scale), including multi-account/compartment governance.
Hands-on with Terraform (preferred) and automation tooling.
Solid understanding of security and compliance principles (least privilege, encryption, auditability).
Experience designing HA/DR and operational runbooks.
Experience in Audit Vault and Database Firewall, Oracle Data Safe and DB Vault.
Career Level - IC2
About Us
Only Oracle brings together the data, infrastructure, applications, and expertise to power everything from industry innovations to life-saving care. And with AI embedded across our products and services, we help customers turn that promise into a better future for all. Discover your potential at a company leading the way in AI and cloud solutions that impact billions of lives.
True innovation starts when everyone is empowered to contribute. That’s why we’re committed to growing a workforce that promotes opportunities for all with competitive benefits that support our people with flexible medical, life insurance, and retirement options. We also encourage employees to give back to their communities through our volunteer programs.
We’re committed to including people with disabilities at all stages of the employment process. If you require accessibility assistance or accommodation for a disability at any point, let us know by emailing accommodation-request_mb@oracle.com or by calling 1-888-404-2494 in the United States.
Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans’ status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law.