Title – Oracle Cloud Environments Manager - Application Architect-Oracle Applications
Location: "Remote within UK - Project is based in Scotland and there maybe travel to Edinburgh/Glasgow as required
Base location will be nearest client office. Expenses would be paid for travel to offices other than base"
Eligibility – 5 years unbroken residency / Minimum 5 years of continuous UK residency
Required Skills
Oracle Cloud tenancy expertise, managing Oracle Cloud environments, SSO, LBAC, cloning, PaaS tenancy"
'SaaS
Oracle Cloud Infrastructure – SaaS Tenancy Expertise Required:-
• Provisioning of two new Fusion development instances, along with ongoing support aligned to the SSS/IBM deployment plans.
• Configuration of IDCS SSO Federation and OKTA Preview SSO Federation.
o Oracle will introduce a mandatory IAM upgrade in June, impacting access management, confidential applications, and OAuth. Support will be required to implement necessary changes across the PAS landscape in collaboration with my team.
• Configuration of LBAC and Access Control Lists (ACLs), ensuring IP allow-listing is restricted to the required actor groups.
• Management of instance cloning, aligned with maintenance windows and cloning availability. Ongoing requests are expected as defined in the SSS/IBM plans.
• Execution of post-clone activities, including enforcing access restrictions and removal of production URLs (supporting documentation will be provided).
• Data masking requirements (to be discussed in further detail) including:
o Documentation and auditing of all changes.
PaaS
Oracle Cloud Infrastructure – PaaS Tenancy Expertise Required:-
• Provisioning of two new Gen 3 Oracle Integration Cloud (OIC) instances and configuration of required services.
• Implementation of secure IP whitelisting within each instance.
• Load balancer configuration with strict ACLs, including connectivity to SFTP servers.
• Creation and management of users within OCI and OIC.
• Creation of service accounts and assignment to appropriate groups for OIC access.
• Setup of confidential applications to ensure integration with SaaS environments.
• Network configuration updates to enable connectivity from SSS source systems.
• Deployment of SSH, PGP, and X.509 keys for SFTP server named accounts, as required.
• Documentation and auditing of all changes."