Cloud Sec Architect

```html

Overall Architect Lead Responsibilities

Design and Document:

1. Cloud Guard configuration
2. Security Zones setup
3. Security Advisor configuration
4. Web Application Firewall configuration
5. Security Audit setup

Compartment Security

1. Design and Define Compartment Security requirements
2. Document Naming conventions and Tagging Compartments
3. Defining the policy statement
4. Required rule statement identification and technical definition for new policies
5. Compute instance life cycle definition

Bastion Security

1. Access control configuration definition
2. Node access restriction documentation
3. Network restriction definition and documentation
4. Host Security (HSM) requirement, configurations, definitions and documentation

Block Volume Security

1. Access Policy definitions for user and resources
2. Encryption and key requirement definitions
3. Cloud guard detector and responder recipe definitions for block volume
4. Process definition and documentation of Encryption key rotation for block volumes
5. Incident response process definition for block volume cloud guard notifications

Virtual Machine Security

1. Secure network access requirement definitions
2. Cloud guard detector and responder recipe definitions for Compute resources
3. Security zone (optional) requirement identification and definition for compute resources
4. Process definitions to respond to problems detected in Cloud Guard
5. Identification and definition of compute patch requirements and processes
6. Documentation of VSS requirements and processes
7. Security audit process definitions

Network Security

1. Public and Private subnet technical requirement definition
2. WAF, Firewall and API Gateway Security rule definition
3. Security zone definition
4. Network related IAM policy definition
5. IPSec VPN security configuration definition

Object Storage Security

1. Secure network access definition for resources
2. Identification and definition of Cloud Guard (optional) recipes for Object Storage
3. Create a security zone (optional) requirement identification and definitions
4. Process definitions to respond to security problems detected in Cloud Guard
5. Security Audit process definitions

Zones Security

1. Define requirements for compartments and security zones
2. Evaluate and define new security zone policies
3. Define process for security zone audit

Tag Security

1. Define tag namespaces

Securing Vulnerability Scanning

1. Define requirement and configuration for service gateway to scan Compute instances that don't have public IP addresses
2. Define process for security audit

Due to the nature and urgency of this post, candidates holding or who have held high level security clearance in the past are most welcome to apply. Please note successful applicants will be required to be security cleared prior to appointment which can take up to a minimum of 10 weeks.

LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work. For security cleared jobs or non-clearance vacancies, LA International welcomes applications from all sections of the community and from people with diverse experience and backgrounds.

Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queens Award for Enterprise: International Trade, for the second consecutive period.