Specialist - Multi-Cloud IAM - OCI

Details Department: Security Schedule: Full Time Monday - Friday 8am - 5pm CT Location: Remote Salary: $100,218.00 - $139,698.00 per year Benefits Comprehensive health coverage: medical, dental, vision, prescription coverage and HSA/FSA options Financial security & retirement: employer-matched 403(b), planning and hardship resources, disability and life insurance Time to recharge: pro-rated paid time off (PTO) and holidays Career growth: Ascension-paid tuition (Vocare), reimbursement, ongoing professional development and online learning Emotional well-being: Employee Assistance Program , counseling and peer support, spiritual care and stress management resources Family support: parental leave, adoption assistance and family benefits Other benefits: optional legal and pet insurance, transportation savings and more Benefit options and eligibility vary by position, scheduled hours and location. Benefits are subject to change at any time. Your recruiter will provide the most up-to-date details during the hiring process. Responsibilities Job Summary Works as a specialized subject matter expert within the Cloud IAM team, translating complex business security and compliance requirements into robust, scalable Identity and Access Management solutions. This role will have a primary focus on Oracle Cloud Infrastructure (OCI), while also supporting Microsoft Azure, Google Cloud Platform (GCP), and Amazon Web Services (AWS). The role applies to the core CyberSecurity lifecycle (Identify, Protect, Detect, Respond, and Recover) to secure and manage multi-cloud assets and user identities. Responsibilities: Serves as a key technical point of contact for Cloud IAM, specializing in OCI, managing stakeholder expectations and ensuring prompt, high-quality service delivery across the multi-cloud environment. Forms productive networks with internal resource owners across all supported cloud platforms (OCI, Azure, GCP, AWS), governance teams, and external vendor communities. Contributes to the development of project plans related to multi-cloud security initiatives, with a priority on OCI. Conducts advanced diagnosis and problem resolution, applying the CyberSecurity lifecycle toward complex multi-cloud IAM issues and business problems, with hands-on expertise in the OCI platform. Designs, directs, and performs technical analyses to resolve complex project issues, including the technical feasibility of proposed multi-cloud IAM solutions. Designs and implements multi-cloud IAM projects with broad organizational implications, requiring integration of OCI, Azure, GCP, and AWS security platforms with enterprise-wide identity providers. Serves as a staff resource and mentor regarding multi-cloud IAM architectural systems and best practices, particularly focusing on the unique aspects of OCI. Core OCI IAM Technical Expertise: OCI IAM Fundamentals : Deep understanding of OCI's IAM concepts including: Users, Groups, and Identity Domains: Creating, managing, and configuring user identities and assigning them to appropriate groups and domains. Policies: Writing, implementing, and enforcing fine-grained access control policies using the OCI policy language to grant least-privilege access to resources across compartments. Compartments: Designing and managing a secure compartment structure to logically organize and isolate OCI resources and enforce separation of duties. Authentication and Authorization : Implementing and managing strong authentication methods, including Multi-Factor Authentication (MFA) and adaptive security. Configuring Federation with external identity providers (like Microsoft Active Directory, Okta) to enable Single Sign-On (SSO). Security Services Integration : Familiarity with how OCI IAM interacts with other OCI security services, such as: OCI Vault: For managing encryption keys and secrets. OCI Cloud Guard and Security Zones: For maintaining security posture and compliance. Automation and Scripting : Experience with OCI's automation tools to streamline provisioning and policy enforcement: OCI CLI and SDKs: For managing IAM resources programmatically. Infrastructure as Code (IaC): Using tools like Terraform and OCI Resource Manager to define and deploy IAM policies and compartments efficiently. Foundational Identity and Access Management (IAM) Knowledge IAM Principles : Thorough understanding of core IAM concepts like: Authentication, Authorization, and Accounting (AAA). The Principle of Least Privilege (PoLP). Identity Lifecycle Management (ILM) from provisioning to de-provisioning. Security Protocols : Knowledge of industry-standard security and access protocols (e.g., SAML, OAuth, OIDC). Directory Services : Familiarity with enterprise directory services like LDAP and Active Directory. Requirements Education:High School diploma equivalency with 2 years of cumulative experience OR Associate's degree/Bachelor's degree OR 4 years of applicable cumulative job specific experience required. Additional Preferences Licensure/ Certification/ Registration: Preferred certifications include Oracle Cloud Infrastructure (OCI) Foundations Associate or OCI Security Professional. Secondary certifications in Azure, GCP, or AWS security/identity are a plus. #LI-Remote Why Join Our Team Ascension is a leading nonprofit Catholic health system with a culture and associate experience grounded in service, growth, care and connection. We empower our 99,000+ associates to bring their skills and expertise every day to reimagining healthcare, together. Recognized as one of the Best 150+ Places to Work in Healthcare and a Military-Friendly Gold Employer, you'll find an inclusive and supportive environment where your contributions truly matter. Equal Employment Opportunity Employer Ascension provides Equal Employment Opportunities (EEO) to all associates and applicants for employment without regard to race, color, religion, sex/gender, sexual orientation, gender identity or expression, pregnancy, childbirth, and related medical conditions, lactation, breastfeeding, national origin, citizenship, age, disability, genetic information, veteran status, marital status, all as defined by applicable law, and any other legally protected status or characteristic in accordance with applicable federal, state and local laws. For further information, view the EEO Know Your Rights (English) poster or EEO Know Your Rights (Spanish) poster. Fraud prevention notice Prospective applicants should be vigilant against fraudulent job offers and interview requests. Scammers may use sophisticated tactics to impersonate Ascension employees. To ensure your safety, please remember: Ascension will never ask for payment or to provide banking or financial information as part of the job application or hiring process. Our legitimate email communications will always come from an @ email address; do not trust other domains, and an official offer will only be extended to candidates who have completed a job application through our authorized applicant tracking system. E-Verify statement Employer participates in the Electronic Employment Verification Program. Please click here for more information. Responsibilities Architect Multi-Cloud IAM Frameworks: Engineer and maintain scalable Identity and Access Management (IAM) architectures across OCI, Azure, GCP, and AWS, translating complex business security requirements into technical specifications aligned with the NIST Cybersecurity Framework (Identify, Protect, Detect, Respond, Recover). OCI Security Orchestration: Execute deep-tier technical implementation within Oracle Cloud Infrastructure, including the design of granular policy syntax, hierarchical compartment structures for resource isolation, and the management of OCI Identity Domains to enforce strict least-privilege access. Infrastructure as Code (IaC) & Automation: Develop and deploy IAM configurations using Terraform and OCI Resource Manager, leveraging OCI CLI and SDKs to automate identity lifecycle management, resource provisioning, and security posture enforcement. Identity Federation & Protocols: Configure and troubleshoot complex cross-platform integrations using SAML 2.0, OAuth 2.0, and OpenID Connect (OIDC) to federate OCI with external providers such as Okta, Azure AD, and LDAP-based directory services for seamless SSO. Advanced Security Integration: Synthesize IAM workflows with OCI Vault for secrets management and Cloud Guard/Security Zones to automate threat detection and maintain continuous compliance across a distributed multi-cloud environment. Qualifications Education:High School diploma equivalency with 2 years of cumulative experience OR Associate's degree/Bachelor's degree OR 4 years of applicable cumulative job specific experience required.

Created: 2026-03-04