Location Name: Pune Corporate Office - Mantri
Job Purpose
We are seeking a skilled Network Security Manager (GB05) with strong hands-on expertise in Oracle Cloud Infrastructure (OCI) networking and security, including Palo Alto SASE, OCI-native security controls (NSGs, Security Lists), and automation-driven rule governance.
The role is responsible for end-to-end network security operations, policy automation, and compliance within OCI environments, ensuring secure, scalable, and audit-ready cloud infrastructure. The candidate will also play a key role in managing security audits, compliance requirements, and ongoing security posture enhancements.
Duties And Responsibilities
PRINCIPAL ACCOUNTABILITIES
- Minimum Required Accountabilities for this Role (Mandatory)
OCI Network & Security Operations
- Manage and operate OCI networking components:
o VCNs, Subnets, Route Tables
o NSGs (Network Security Groups), Security Lists
o Internet Gateway, NAT Gateway, Service Gateway
o DRG (Dynamic Routing Gateway), Local & Remote Peering
- Ensure secure and optimized traffic flow between OCI workloads, on-prem systems, and external networks.
Firewall & SASE Security Management
- Manage and operate Palo Alto (VM-Series / SASE) within OCI and hybrid environments.
- Configure and maintain:
o Security policies and rule bases
o NAT (SNAT/DNAT)
o VPNs (IPSec/SSL)
o Threat prevention profiles (IPS, Anti-malware, URL filtering)
- Ensure consistent enforcement of security policies across OCI workloads.
Security Policy Governance & Automation
- Implement and manage firewall rule lifecycle processes:
o Rule creation, review, optimization, and decommissioning
- Drive automation of rule reviews, recertification, and policy validation using scripts/API-based solutions.
- Maintain standardization across NSGs, Security Lists, and firewall rules.
Ingress/Egress Traffic Security
- Define and enforce secure ingress and egress controls for OCI applications.
- Implement segmentation strategies for east-west and north-south traffic flows.
- Ensure secure exposure of applications via load balancers, gateways, and SASE.
Monitoring & Incident Management
- Monitor firewall logs, OCI flow logs, and threat alerts.
- Handle 24×7 incident response, troubleshooting, and escalation.
- Perform root cause analysis (RCA) and implement proactive security improvements.
Audit & Compliance Management
- Manage network security audits (internal/external/regulatory) specific to OCI environments.
- Ensure compliance with organization policies and regulatory frameworks.
- Conduct:
o Firewall rule reviews and recertification
o NSG/security configuration audits
o Access and segmentation validation
- Track and close audit observations with proper documentation.
Documentation & Collaboration
- Maintain updated HLD, LLD, SOPs, runbooks, and security policies.
- Collaborate with cloud, DevOps, security, and application teams.
________________________________________
- Additional Accountabilities (Advanced / Growth-Oriented)
Security Architecture & Optimization
- Design and optimize secure OCI network architectures with segmentation and zero-trust principles.
- Define best practices for VCN design, peering, DRG-based architectures, and load balancing.
Automation & DevSecOps
- Implement Infrastructure as Code (IaC) using Terraform/OCI Resource Manager.
- Automate firewall rules, NSG updates, compliance checks, and configuration drift detection.
- Integrate network security into CI/CD pipelines.
Security Posture Enhancement
- Strengthen environment security using:
o Threat intelligence
o DDoS protection strategies
o Continuous monitoring and anomaly detection
- Integrate with SIEM/SOC tools for centralized visibility.
Leadership & Governance
- Act as technical escalation point for OCI security issues.
- Guide team members and vendors on best practices.
- Define governance models for OCI network security operations.
________________________________________
Key Decisions / Dimensions
- DECISIONS
- Approve firewall rule changes, NSG policies, and security configurations.
- Decide segmentation strategies and ingress/egress controls.
- Lead decisions during security incidents and audit escalations.
- Recommend improvements in security architecture and tooling.
- DIMENSIONS
Financial Dimensions
- Management of OCI networking/security costs and Palo Alto licensing
Other Dimensions
- Total Team Size: ___
- Direct Reports: ___
- Indirect Reports: ___
- OCI Environments/VCNs Managed: ___
- Applications Hosted on OCI: ___
Major Challenges
- MAJOR CHALLENGES
- Maintaining consistent security posture across dynamic OCI environments.
- Managing complex firewall and NSG rule sets without over-permissive access.
- Ensuring continuous compliance with audit and regulatory expectations.
- Handling high-volume security alerts and incident response.
- Balancing agility and speed of deployment with strict security controls.
Required Qualifications And Experience
- SKILLS AND KNOWLEDGE
- Educational Qualifications
- Bachelor's / Master's in Computer Science, IT, or related field.
- Work Experience & Certifications
Must Have
- 5–8+ years in network security with cloud exposure, particularly OCI.
- Hands-on experience with:
o OCI Networking (VCN, DRG, NSG, Peering)
o Palo Alto Firewalls / SASE
- Strong knowledge of firewall policy management, NAT, VPNs, and segmentation.
- Experience in automating firewall rule review and compliance processes.
- Proven experience in handling security audits and compliance requirements.
Good to Have
- Certifications: OCI Architect/Professional, PCNSE, CCNP Security.
- Experience with Terraform, Python, Ansible for automation.
- Exposure to SIEM/SOC integrations and cloud security monitoring.
Soft Skills
- Strong ownership, audit handling capability, and stakeholder management.
- Excellent troubleshooting and analytical skills.
- Ability to work in a 24×7 operational environment.