Cloud Architect/ Infrastructure(Red Hat OpenStack )

Role Overview

Key Responsibilities

• Own security architecture and hardening of the OpenStack / OpenShift platform — the primary technical
• accountability of this role
• Work alongside the Compliance SME and security specialists to translate requirements into platform-level
• configurations and design decisions
• Design cryptographic architecture: Barbican HSM integration, LUKS volume encryption, cert-manager PKI lifecycle
• Define network segmentation policies across Control, Management, and Tenant Planes using Neutron / OVN
• Review and validate IaC templates (Heat / Ansible / GitOps) for compliance-aligned configurations
• Review and validate IaC templates (Heat / Ansible / GitOps) to ensure security-aligned configurations are correctly
• implemented
• Produce HLDs, reference architectures, and design decision records as UCF / audit evidence artefacts
• Produce architecture diagrams, HLDs, and configuration specifications to support the compliance evidence
• package
• Act as technical escalation point for the SME and project team on complex cloud infrastructure queries

Required Skills & Experience

• 8+ years hands-on cloud architecture / infrastructure — with deep expertise in Red Hat OpenStack Platform (Nova,

Neutron, Cinder, Keystone, Barbican, Swift)

• Red Hat OpenShift / Kubernetes: security hardening, RBAC, Security Context Constraints (SCC), OVN-Kubernetes,
• cert-manager, etcd
• Cloud security architecture: network segmentation, IAM federation, secrets management, encryption at rest and in
• transit
• Cryptographic implementation: TLS 1.3, AES-256, HSM integration (Thales / SafeNet / equivalent), LUKS, PKI
• lifecycle
• Hands-on with security hardening tooling: OpenSCAP, Compliance Operator, sshd_config / crypto-policy tuning,
• audit logging
• Ability to work alongside and translate requirements from security, compliance, and regulatory specialists
• Strong technical documentation: architecture diagrams, HLDs, design decision records, configuration runbooks

Preferred / Nice To Have

• Prior experience in regulated financial services or government cloud deployments
• Red Hat certifications (RHCA, RHCSA) or equivalent cloud security credentials (CCSP, AWS Security)
• Experience working within a structured compliance or audit-readiness programme
• Experience contributing to cloud audit readiness programmes and evidence packaging