Job ID: MNSITE-2037 (90090317)3P
Remote Oracle OIM/OAM Architect/Admin with 12c, IAM, IDCS, OCI cloud, WebSphere and government experience
Location: St Paul MN (MNEIAM)
Duration: 3-12 months
Interview: phone/online
Attachments: RTR/Skill Matrix
Positions: 1 (1/1)
Description of Project
Minnesota IT Services’ (MNIT) current enterprise identity and access management system (MNEIAM) is built on the Oracle Identity Management (OIM)/Oracle Access Management (OAM) 11g platform. MNIT is seeking a consultant to design and possibly build out a new, optimized system in OIM/OAM 12c. MNIT is not interested in a lift and shift of the current environment; MNIT is not expecting the selected consultant to reference the current architecture in the design of the new system. MNIT is looking for a completely new, optimized design utilizing industry best practices for OIM/OAM 12c. MNIT is seeking a design for a streamlined, secure service which can be scaled up to meet additional service needs with minimal complexity to enable in-house support.
Project Background
The current MNEIAM system was designed, developed, and deployed in 2013 and upgraded to Oracle 11g in 2016. The upgrade from 10g to 11g did not look at modernizing or simplifying integration methods but rather just lifted and shifted the current integration to the newer version. Some of the technology is now nearing end of life and needs to be replaced. Managing and maintaining both business and technical aspects of the current system requires very specific skills and knowledge, and needs to be simplified so State staff can easily integrate additional applications using standard and modern methods.
In the new design, MNIT is seeking to take advantage of a hybrid approach where sensitive information remains on premise and cloud services are used where appropriate to provide cost savings and flexibility. The system requires 24/7 availability with limited downtime for maintenance. The design requires high availability as well as disaster recovery capabilities to meet a 4-hour downtime and data loss requirement. The modernization process will enable the MNEIAM application to respond better to change, require less maintenance, and ultimately better serve the public.
MNIT seeks a consultant that has demonstrated success in completing this type of design and implementation, and strongly prefers a consultant with experience creating or maintaining Oracle IAM products and cloud services.
The selected consultant is expected to provide all skills necessary to perform the work of each deliverable.
The high-level business requirements for the design include:
• One identity per person (One Minnesota concept where citizens have one ID and credential to do all their business with state applications)
• Identities are in separate identity stores (citizen, employees, partners and contractors)
• Supports 5 million citizens and 75,000 employees
• Allows for easy integration with .NET applications, Java applications and off-the-shelf applications
• Meets NIST 800-53 requirements
• Transactional information is logged so the State can answer any data request around “who accessed my data and when”
• Integrated applications use the Oracle Entitlement review module so access certifications and entitlement reviews can be automated for all applications
• Provides cost efficiencies using cloud services where it makes sense for faster integrations and flexibility for testing
• Provides the ability to change the time clock forward so an application can test what happens in the future – current use of OIF needs to be replaced
• Allows for delegated administration
• Handles multiple roles efficiently
• Allows for the use of SOAP and RESTful services
• Accommodates easy integration with mobile applications
• Allows for elevating login to use two-factor authentication if the application holds sensitive information
• Allows for MFA by sending a code, with either an approve/deny type response or a code the user enters
• Accommodates single sign-on
• Allows for self-service password resets that integrate with an identity proofing solution
• Allows for the use of federated authentication with social media login capabilities
• High availability along with disaster recovery
Project Phases and Deliverables
Phase 1: Optimized Environment Design
• Deliverable #1: High level architecture for the new optimized solution for Oracle 12c that includes:
    • Design of the optimized environment (Visio diagrams where appropriate are preferred). Design should include, but is not limited to, numbers and size of servers required for each design option.
    • Design options for fully on-premise, cloud, and hybrid cloud implementations.
    • Documentation for design and functionality of each component, including details on design and enablement of each component that addresses legacy applications, mobile applications, and new, modern applications.
    • Documentation of component sizing options that support the high-level requirements above with a scalable, streamlined, optimized solution that reduces complexity.
    • High level project plan and roadmap for design buildout of the design options above.
