Oracle OCI IAM Consultant

Company: Creative Information Technology, Inc.
Location: Montgomery County, MD
Posted: June 23, 2025
Description:

Objectives

Design and implement OCI IAM, Microsoft Entra, and Azure B2C–based SSO for Oracle EBS, OAS, PeopleSoft, Oracle Learning Management (OLM), and other Oracle workloads.

Enable seamless authentication for internal users (employees), external users, and contractors.

Architect and document a secure DMZ access pattern to protect on-premises resources while allowing selective inbound connections.

Ensure end-to-end security, high availability, and compliance with industry best practices.

Requirements

Define the logical SSO flow for internal users across Entra ID, OCI IAM, and Oracle apps

Define the logical SSO flow for external users across Azure B2C, OCI IAM, and Oracle apps

Configure Microsoft Entra as a SAML/OIDC identity provider for Oracle applications

Configure OCI IAM identity providers and federation with Entra ID

Configure Azure B2C as a SAML/OIDC identity provider for Oracle applications

Design DMZ zoning: reverse proxy, firewalls, and application gateways

Deploy and configure DMZ components

Define access policies, attribute mappings, and claim rules

Perform functional, security (penetration/vulnerability), and performance testing

Conduct user acceptance testing with internal and external stakeholder groups

Produce end-to-end security architecture diagrams and DMZ access patterns

Document configuration steps, policy definitions, and operational runbooks

Deliver a knowledge-transfer workshop and train-the-trainer sessions

Work with the Operations team for production migration

Deliverables

Solution Design Package: Includes high-level architecture diagrams, detailed SSO and federation flowcharts, DMZ zone definitions, firewall rule sets, and a working prototype.

Implementation Artifacts: Covers configurations for Entra ID, Azure B2C, and OCI IAM.

Test Reports: Includes functional and integration test cases with results, as well as security scan reports.

Operational Documentation: Comprises system configuration guides, access management runbooks, and troubleshooting guides.

Knowledge Transfer: Provides training to the operational team, including Q&A sessions and a support plan.

Team Expertise Requirements

Extensive experience with OCI IAM, Microsoft Entra ID, Azure B2C, and SAML/OIDC protocols.

Strong expertise in DMZ design, firewall configurations, and application gateway setup.

Proficient in conducting penetration testing and vulnerability assessments.

Skilled in technical writing and training, with the ability to document and transfer knowledge effectively.

Acceptance Criteria

Successful SSO login for all defined user personas without manual intervention.

DMZ enforces least-privilege access, passing only necessary traffic.

All test cases pass with documented outcomes.

Documentation reviewed and approved by the client security team.

Knowledge transfer session delivered, and the client can independently manage the solution.