Principal OIM Engineer

Under general direction of the Director of Identify and Access Management, the Principal OIM Engineer will support and advance the City’s Identity and Access Management (IAM) platform.

The Principal OIM Engineer will be responsible for the development, deployment, administration, and maintenance of Oracle Identity and Access Management (IAM) security solutions and programs.


The Principal OIM Engineer will contribute to the overall strategy, planning, evaluation & implementation of the entire Identity/Access Management stack. The individual in this role will significantly contribute to the direction and oversight into the IAM functions across the City and County, including areas such as developing centralized provisioning IAM engine to all Citywide Enterprise Applications, workfiow and review certification, Audit and Compliance, Hybrid cloud management, Privileged Access Management, Authentication & Authorization. This position will require expert knowledge in Oracle Fusion Middleware, Oracle Identity & Access Management administration, Identity cloud services, WebLogic administration, custom connector development, installation and configuration, performance tuning, backup, and recovery methods in multiple computing environments and must be well versed in J2EE, Service Oriented Architecture (SOA), Web Services, LDAP, XML, and SAML. This position also requires knowledge of Oracle databases and should be able to support other areas or functions as needed.


Possession of an Bachelor’s degree in Computer Science or related field from an accredited college or university OR its equivalent in terms of total course credits/units [i.e., at least sixty (60) semester or ninety (90) quarter credits/units with a minimum of twenty (20) semester or thirty (30) quarter credits/units in computer science or a closely-related field].

Experience: Five (5) years of experience in Identity and Access Management.

Substitution: Additional experience as described above may be substituted for the required degree on a year-for-year basis (up to a maximum of two (2) years). One (1) year is equivalent to thirty (30) semester units/ forty-five (45) quarter units with a minimum of 10 semester / 15 quarter units in computer science or a closely related field.

Ability to pass CJIS background check

Desirable Qualifications:

The stated desirable qualifications may be used to identify job finalists at the end of the selection process when candidates are referred for hiring.

•  7 plus years of progressive hands-on experience in design, architecture and administration of Identity and Access Management solutions using Oracle Identity and

Access Management suite .

•  7 plus years of experience in configuring automated user provisioning and access management

•  7 plus years of experience in SOA, BPEL workfiow configuration and management

•  8 years of experience in Spring, Struts, App servers, JQuery, Hibernate

•  7 plus years of experience in SOAP and RESTful framework

•  5 plus years of experience in Federation, SAML, OpenID, OAuth and other industry-standard authentication/authorization solutions.

•  10 plus years of Java, J2EE, JavaScript, HTML

•  10 plus years experience in Oracle Database and Linux operating systems

•  10 plus years experience in using Eclipse, JDeveloper, Maven

•  Experience in troubleshooting issues and quickly resolve them in an efficient manner that minimizes downtime.

•  Experience with Windows, Linux, and Unix Operating Systems

•  Ability to perform job functions with considerable independence and judgment.

•  Well organized with excellent written and verbal communications skills.

• Hands on experience in Identity cloud services and OCI

• Hands on experience in Jenkins, GitHub, Service Now

• Knowledge of vulnerability assessments and penetration tests.

• Knowledge of industry-standard frameworks – NIST, ISO, HIPAA, PCI


Why Work for the Department of Technology (DT)? The Department of Technology (DT) is the centralized technology services provider in CCSF. We deliver technology infrastructure and services to approximately 33,000 employees! With an annual operating budget of over $140M and approximately 260 employees, DT provides a host of services that includes:

People-Centered Solutions: Working for San Francisco, you can have a powerful, meaningful effect on the community every day. When we solve problems, people are the heart of every solution!

Benefits of Working for CCSF:  In addition to challenging and rewarding work, the City provides a generous suite of benefits to its employees.

  • Job security, pension, and robust retirement options
  • Competitive pay with consistent bi-yearly or yearly increases
  • Generous paid time off, family leave, and more!
  • Diverse work environment in a diverse city
  • Union protections and representation
  • Career development and growth — move between departments, learn on the job, or take subsidized/reimbursed classes!

CLOSING THE DIGITAL DIVIDE — bring the benefits of the internet to low-income and marginalized residents!

SHINE A LIGHT ON WHAT MATTERS — join an award-winning production team at SFGovTV to help residents watch legislators or learn more about what makes this City great!

DRIVE INNOVATION — deliver new, cutting-edge technology to residents and city partners to help San Francisco serve its residents!