Oracle Cloud Architect
Company: Esinc Dc
Location: Rockville
Posted on: May 23, 2025
Job Description:
Under the guidance/direction/supervision of the Cloud Manager
and others as assigned, the Contractor will design and implement
OCI IAM- and Microsoft Entra-based SSO solutions for both cloud and
on-premises Oracle applications. The candidate should be an expert
in Identity and Access Management (IAM), Single Sign-On (SSO), and
secure DMZ architectures. The candidate will also document the
end-to-end security architecture and DMZ access patterns to ensure
robust, scalable, and secure user access for internal and external
stakeholders.
Duties & Responsibilities
- Design, configure, and deploy OCI IAM Identity Providers and
federations, and integrate with Microsoft Entra ID (formerly Azure
AD), to establish SAML/OIDC-based SSO for:
  - Oracle E-Business Suite
  - PeopleSoft
  - Oracle Analytics Server 2024
- Implement bidirectional federation: Allow Entra users to
authenticate into OCI-protected apps and allow OCI identities to
access Entra-protected resources.
- Integrate on-premises Oracle applications with OCI IAM and
Entra via OCI IDCS, Azure AD Application Proxy, or custom
federation proxies as needed.
- Deploy and configure secure reverse-proxy or WAF layers (OCI
Web Application Firewall, Application Gateway, Azure AD Application
Proxy, Oracle Access Manager) for external SSO endpoints.
- Document the OCI IAM security architecture, including trust
models, identity lifecycles, user-attribute mapping, and
certificate management.
- Define and implement a hardened DMZ architecture to broker
access between external users, internal users, and on-premises
Oracle services.
- Configure OCI Networking (VCNs, Subnets, Security Lists,
Network Security Groups, Transit Gateways) to enforce
least-privilege access.
- Develop runbooks, standard operating procedures (SOPs), and
security baselines for IAM administration, patching, and
certificate rotation.
- Conduct security reviews, threat modeling, and periodic
penetration testing in collaboration with the Security Operations
team.
- Work closely with application teams, network engineers, and
security auditors to align on access requirements and compliance
standards.
- Provide training sessions and hand-off documentation for
operations and support teams.
Requirements:
- Experience
  - Minimum of 15 years of experience in the Oracle stack, with at
    least 8 years in enterprise IAM.
  - Proven track record implementing SAML 2.0 / OIDC SSO
    integrations with on-premises Oracle stacks (EBS, PeopleSoft,
    OAS).
  - Hands-on experience in designing and operating secure
    DMZ/network architectures for hybrid cloud/on-prem
    environments.
- Technical Skills
  - OCI Core Services: IAM, Networking (VCN, NSG, TGW), Compute,
    Load Balancing, WAF.
  - Azure Core Services: Entra ID, Virtual Network, Application
    Gateway, Azure AD Application Proxy.
  - Federation Technologies: SAML 2.0, OIDC, OAuth2, JWT, LDAP/AD
    integration.
  - On-Premises Oracle Stack: EBS 12.2.7, PeopleSoft, OAS
    2024.
  - Reverse Proxy / API Gateway: Oracle Access Manager, OCI API
    Gateway, Azure AD App Proxy.
- Certifications: Oracle Certified Master (OCM) or Professional
(OCP) in Cloud IAM or Security.
- Excellent communication, analytical, and project management
skills.
Keywords: Esinc Dc, Montgomery Village, Oracle Cloud Architect, IT / Software / Systems, Rockville, Maryland