Oracle Cloud Architect with Cloud IAM and Entra SSO experience

Summary:
Under the guidance/direction/supervision of the Cloud Manager and others as assigned, the candidate will design and implement OCI IAM and Microsoft Entra based SSO solutions for both cloud and on-premises Oracle applications. The candidate should be an expert in Identity and Access Management (IAM), Single Sign-On (SSO), and secure DMZ architectures. The candidate will also document the end-to-end security architecture and DMZ access patterns to ensure robust, scalable, and secure user access for internal and external stakeholders.
Responsibilities:

• Design, configure, and deploy OCI IAM Identity Providers and federations and integrate with Microsoft Entra ID (formerly Azure AD) to establish SAML/OIDC-based SSO for: o Oracle E-Business Suite
  • PeopleSoft
  • Oracle Analytics Server 2024
• Implement bidirectional federation: Allow Entra users to authenticate into OCI-protected apps and allow OCI identities to access Entra-protected resources.
• Integrate on-premises Oracle applications with OCI IAM and Entra via OCI IDCS, Azure AD Application Proxy, or custom federation proxies as needed.
• Integrate on-premises Oracle applications with OCI IAM, using OCI IDCS or custom federation proxies as needed.
• Deploy and configure secure reverse-proxy or WAF layers (OCI Web Application Firewall, Application Gateway, Azure AD Application Proxy, Oracle Access Manager) for external SSO endpoints.
• Document the OCI IAM security architecture, including trust models, identity lifecycles, user-attribute mapping, and certificate management.
• Define and implement a hardened DMZ architecture to broker access between external users, internal users, and on-premises Oracle services.
• Configure OCI Networking (VCNs, Subnets, Security Lists, Network Security Groups, Transit Gateways) to enforce least privilege access.
• Develop runbooks, standard operating procedures (SOPs), and security baselines for IAM administration, patching, and certificate rotation.
• Conduct security reviews, threat modeling, and periodic penetration testing in collaboration with the Security Operations team.
• Work closely with application teams, network engineers, and security auditors to align access requirements and compliance standards.
• Provide training sessions and hand-off documentation for operations and support teams.

Requirements:
Required Experience:

• Minimum of 15 years of experience in the Oracle stack, with at least 8 years in enterprise IAM.
  • Proven track record implementing SAML 2.0 / OIDC SSO integrations with on-premises Oracle stacks (EBS, PeopleSoft, OAS).
  • Hands-on experience in designing and operating secure DMZ/network architectures for hybrid cloud/on-prem environments.

Required Technical Skill:

• OCI Core Services: IAM, Networking (VCN, NSG, TGW), Compute, Load Balancing, WAF.
  • Azure Core Services: Entra ID, Virtual Network, Application Gateway, Azure AD Application Proxy.
  • Federation Technologies: SAML 2.0, OIDC, OAuth2, JWT, LDAP/AD integration.
  • On-Premises Oracle Stack: EBS 12.2.7, PeopleSoft, OAS 2024.
  • Reverse Proxy / API Gateway: Oracle Access Manager, OCI API Gateway, Azure AD App Proxy.
• Oracle Certified Master (OCM) or Professional (OCP) in Cloud IAM or Security.
• Excellent communication, analytical, and project management skills.

About: ExpediteInfoTech, Inc. (EIT) is a SBA 8(a) certified small business. Headquartered in Rockville, MD since 2012, EIT has provided specialized technical, cybersecurity, IT, and financial advisory solutions to the Federal, State and County governments. Our clients include the US Department of Education, US Department of Transportation, US Department of Justice, US Department of Health & Human Services, Montgomery County government, Prince George's County Government, the governments of the State of Maryland and the District of Columbia. EIT is appraised at level 3 for CMMI Services & CMMI Development, as well as ISO 9001:2015, ISO 20000-1:2018 and ISO 27001:2013.

EIT offers a competitive benefits package including medical, dental, vision and prescription drug coverage, paid time off, federal holidays, matching 401K plan, and tuition/professional development reimbursement benefits.

EIT is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by applicable law.