Job description

Below is the job description for the position: Job Title: Active Directory / Oracle IAM Engineer Location: New York, NY (Remote) Duration: 12+ Months Project Description: Seeking a seasoned consultant to lead the migration of authentication mechanisms from on-premises Microsoft Active Directory (AD) to Oracle Access Manager (OAM) Federation across its 26 colleges. This role requires extensive experience in federated identity management, including the integration and configuration of SAML, OAuth, and OpenID Connect protocols. The consultant will assess current AD-integrated applications, design migration strategies, and ensure secure and seamless Single Sign-On (SSO) across diverse platforms. Mandatory Qualifications: • 7 years of experience with Active Directory Authentication and Identity Management solutions. • 7 years experience migrating applications from Active Directory to federated services like OAM Federation. • 7 years experience in troubleshooting and debugging skills for identity-related integration issues across platforms. • 7 years experience in working with authentication protocols: SAML, OAuth, and OpenID Connect. • 7 years experience in collaborating with cross functional teams including network, application, and Oracle support teams. Key Responsibilities: Research and Planning: • Work with CUNY’s IT and application teams across colleges to inventory and analyze AD-integrated applications. • Document existing authentication mechanisms and use cases. • Design tailored migration plans to transition applications from AD-based authentication to federated OAM services (e.g., SAML). • Collaborate with vendors and application owners to capture detailed integration requirements. • Apply best practices for federated Identity Provider (IdP) integrations. Implementation and Integration: • Configure and test applications in OAM test environments before migrating to production. • Migrate applications from on-prem AD to OAM Federation in accordance with use-case requirements. • Implement features including Federation/SAML, OAuth, OpenID Connect, and Multi-Factor Authentication (MFA). • Customize and deploy login/MFA pages and authentication plugins. • Develop and manage SSO in high availability (HA) mode using Oracle Access Management. Troubleshooting and Support: • Independently resolve authentication and integration issues, including cross-platform and federation challenges. • Interface with Oracle support, network, system, and application teams to diagnose and resolve issues. • Utilize strong debugging skills across software (OAM, app servers), hardware (load balancers, firewalls), and OS (Linux, Windows). Documentation and Knowledge Transfer: • Create detailed documentation for migration processes, configurations, and issue resolutions. • Conduct knowledge transfer sessions and training with CUNY IT staff. Duties Include: • Configure SSO integrations with SAML in test and production OAM environments. • Validate end-to-end functionality in collaboration with vendors and app owners. • Automate tasks using Java, Shell scripting, PowerShell, JavaScript, etc. • Integrate and manage Oracle IAM APIs and Oracle Advanced Authentication (OAA) / Oracle Adaptive Risk Management (OARM). • Perform regular patching and maintenance of OAM/SSO environments. • Participate in incident triage and user/configuration management in Office 365 hybrid environments. Technology Stack: Software: • Microsoft AD (On-Premises and Azure/Entra ID) • Oracle Access Manager, Oracle Unified Directory, Oracle HTTP Server • Oracle Advanced Authentication, Oracle Internet/Virtual Directory • Kubernetes, WebLogic, BI Publisher • RHEL and Windows Server OS Hardware: • Data Center environments with VMS virtualization Security Requirements: • Experience with user and configuration management at admin.microsoft.com • Familiarity with hybrid Office 365 environments • Ability to work closely with security teams (CIS, IMS) and perform incident triage Thanks & Regards Infojini Consulting Website: Address: 10015 Old Columbia Road, Suite B 215, Columbia, MD 21046

Requirements