Oracle Cloud Architect
ASSYST, Inc.
Rockville, MD
Job description
ASSYST is seeking an Oracle Cloud Architect who, under the guidance, direction, and supervision of the Cloud Manager and others as assigned, will design and implement OCI IAM– and Microsoft Entra–based SSO solutions for both cloud and on-premises Oracle applications. The ideal candidate will be an expert in Identity and Access Management (IAM), Single Sign-On (SSO), and secure DMZ architectures. Responsibilities also include documenting the complete security architecture and DMZ access patterns to ensure robust, scalable, and secure user access for internal and external stakeholders.
Responsibilities:
Design, configure, and deploy OCI IAM Identity Providers and federations.
Integrate OCI IAM with Microsoft Entra ID to establish SAML/OIDC-based SSO for:
- Oracle E-Business Suite
- PeopleSoft
- Oracle Analytics Server 2024
- Allow Entra users to authenticate into OCI-protected applications.
- Allow OCI identities to access Entra-protected resources.
- OCI IDCS
- Azure AD Application Proxy
- Custom federation proxies
- OCI Web Application Firewall
- Application Gateway
- Azure AD Application Proxy
- Oracle Access Manager
- Trust models
- Identity lifecycles
- User-attribute mapping
- Certificate management
- Define and implement a hardened DMZ architecture to broker access between external users, internal users, and on-premises Oracle services.
- VCNs
- Subnets
- Security Lists
- Network Security Groups
- Transit Gateways
- IAM administration
- Patching
- Certificate rotation
Collaborate with application teams, network engineers, and security auditors to align on access requirements and compliance standards.
Provide training sessions and hand-off documentation for operations and support teams.
Requirements:
- Minimum of 15 years of experience in the Oracle stack, with at least 8 years in enterprise IAM.
- Proven track record implementing SAML 2.0 / OIDC SSO integrations with on-premises Oracle stacks (EBS, PeopleSoft, OAS).
- Hands-on experience in designing and operating secure DMZ/network architectures for hybrid cloud/on-prem environments.
Technical Skills:
- OCI Core Services: IAM, Networking (VCN, NSG, TGW), Compute, Load Balancing, WAF.
- Azure Core Services: Entra ID, Virtual Network, Application Gateway, Azure AD Application Proxy.
- Federation Technologies: SAML 2.0, OIDC, OAuth2, JWT, LDAP/AD integration.
- On-Premises Oracle Stack: EBS 12.2.7, PeopleSoft, OAS 2024.
- Reverse Proxy / API Gateway: Oracle Access Manager, OCI API Gateway, Azure AD App Proxy.
- Oracle Certified Master (OCM) or Oracle Certified Professional (OCP) in Cloud IAM or Security.
ASSYST is an Equal Opportunity Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, disability, military status, national origin or any other characteristic protected under federal, state, or applicable local law.