View all jobs
Task Order Response Instructions:
To respond to this Task Order Request, vendors must submit each candidate in a separate e-mail. Submittal of multiple candidates in a single e-mail may delay processing.
Candidate Name, Task Order Request# and Functional Job Title
The resume must be emailed with your GSA Price List to: Michelle.Synovitsky@cuny.edu.
Task Order Request #14124, PeopleSoft Senior Campus Solutions Technical Developer, Vendor Name
Respondents must submit the requested documentation by the Closing Date, scheduled f, July 7, 2025 at 2 PM. Responses will not be accepted past the due date and time, and the respondents shall accept the University’s records with respect to the time of receipt.
Exhibit A
The RFQ Form should list the Unit Price for the Consultant performing one hour of work. Once the solicitation has ended, the University will evaluate pricing and qualifications, and calculate the total number of estimated hours from the date of award on the Purchase Order – please do not enter an estimated total number of hours.
Below is a example if your company was submitting a Consultant at the rate of $90/hour. A compliant response will look as follows:
OAM 14124
New York, NYBusiness Office Computing and Information Services 395 Hudson Street | 5th Floor
New York, NY 10014
GSA Task Order Request Form
Oracle Access Management (IAM)
New York, NY 10014
GSA Task Order Request Form
Oracle Access Management (IAM)
| Request Date: | June 25, 2025 |
| Agency: | City University of New York |
| Terms: | 30 Months |
| Agency Contact E-mail: | michelle.synovitsky@cuny.edu |
| Project Name | CUNY Workday Deployment of HR and Finance Modules |
Project Description: |
This position is responsible for integrating, managing and securing access to an organization's cloud resources. They also monitor and respond to security incidents, manage multi-factor authentication (MFA) settings, and collaborate with other IT teams to integrate IAM solutions with various applications and systems. |
| Day to day tasks to be performed by the Consultant: | • Configure and customize SSO solution in high availability mode using Oracle Access Management to implement various features such as Federation/SAML, OAuth, Open ID Connect, Multi-Factor Authentication besides current solution setup only for Header Based application integrations. • Work in the following 12c PS4 version tools - Oracle Access Management, Oracle HTTP Server, Oracle Advanced Authentication (OAA), Oracle Adaptive Risk Management (OARM) OR Oracle Adaptive Access Management in a large, complicated environment with services in High Availability (MDC). • How would you explain the key components of Identity and Access Management, particularly Identity Life Cycle Management and Single Sign-On, and how have you applied them in past projects? • Integrate workday with CUNY's current IAM Infrastructure. • Maintain the OAM/SSO environments with regular patching. • Can you describe a time when you used Java or scripting languages like Shell, PowerShell, or JavaScript to automate tasks during an Oracle Fusion Middleware implementation, particularly involving SSL configuration? • Developing custom pages for login and MFA, authentication plug-in, SAML profiles, etc. • Work with vendors and application owners (At colleges) to define the requirements for each application for SSO integrations using OAM Federation Services such as SAML, OIDC and OAuth2. • Setup and configure applications in the test environments. • Configure Oracle Unified Directory - Directory Server and Proxy Server. Extend the directory schema and create vitual attributes as per the use cases. • Document each application integration including the issues resolved during the integration. • Work with vendors and application owners to confirm applications are functioning as expected. |
| • Diligently document all details and tasks involved with various integrations, developing solutions in OAM. • Work closely with application teams on integrating various flavors of applications for SSO. Independently troubleshoot and fix issues related to Application integrations and/or product related issues. • Configure to leverage API usage in all Oracle IAM components including Oracle Microservices - Oracle Advanced Authentication (OAA) and Oracle Adaptive Risk Management (OARM) for various use cases. • Debug internal and external integration issues not limited to the products but OS related, Load balancers, Firewalls, App Servers, etc., and collaborate with external teams such as Oracle Support, Networking, Systems, DBA and Application Teams to resolve. • Create or modify existing BI Publisher reports to generate audit reports as per application team's requirements eg: For PeopleSoft and Workday reports. • Work closely with other teams to identify and solve issues. • Duties as assigned. |
| Number of Staff Requested under Task Order: | 1 |
| Functional Job Title, GSA Experience Requirements | CUNY will evaluate all candidates with GSA titles with a minimum of seven (7) years' experience. |
| Skill Level | Expert 7 years Oracle Access Management Suite experience required. |
| Number of Candidate Resumes permitted per Vendor: | 3 |
| Target Start Date | After Office of State Comptroller contract approval |
| Term of Engagement | 30 months from Notice of Award |
| Estimated Completion Date | January 27, 2028 |
| Daily Work Hours | 9am – 6pm, with one hour for lunch. |
Work Location |
100% Remote Engagement Anticipated Office Location is 395 Hudson Street 6th Floor, New York, NY 10014 |
Typical Software Used for Engagement |
Oracle Identity & Access Management (IAM) PeopleSoft Workday Oracle Unified Directory (OUD) Active Directory (AD) Microsoft 365 (M365) |
| Typical Hardware Used for Engagement | Laptop, desktop |
| Position Mandatory Qualifications | |||
| Oracle Access Management Architect | Pass/Fail | ||
Qualification Number |
Requested Qualifications |
Points Assigned for Meeting Qualifications | Maximum Points Allowed for Exceeding Qualifications |
1. |
84 months working in the following 12c PS4 version tools - Oracle Access Manager, Oracle HTTP Server, Oracle Advanced Authentication (OAA), Oracle Adaptive Risk Management (OARM) OR Oracle Adaptive Access Management and Oracle RADIUS Agent in a large, complicated environment with services in High Availability (MDC). IT Security concepts including Identity and Access Management domain such as Identity Life Cycle Management and Single Sign On. |
7.5 |
10 |
2. |
84 months debugging internal and external integration issues not limited to the products but OS related, Load balancers, Firewalls, App Servers, etc., and collaborate with external teams such as Oracle Support, Networking, Systems, DBA and Application Teams to resolve. |
7.5 |
10 |
3. |
84 months experience in OAM Suite SSO products, including customizing OAM Features such as Header Based, SAML/Federation, OAuth, OpenID Connect, MFA, Advanced Authentication, etc., as per application use cases in high availability setup; OAAM and/or 12c OAA/OARM Microservices; developing custom pages, authentication plug-in, SAML profiles, etc. | 7.5 |
10 |
4. |
84 months experience in Installation, Configuration, Customization, Deployment, Integration and Performance tuning of Oracle Internet Oracle Unified Directory 12cPS4. Configure Oracle Unified Directory - Directory Server and Proxy Server. Extend the directory schema and create vitual attributes as per the use cases. |
7.5 |
10 |
5. |
84 months experience with JAVA, scripting languages such as Shell, PowerShell, JavaScript, configuring SSL in Oracle Fusion Middleware products etc to automate various tasks in the implementations. Configure to leverage API usage in all Oracle IAM components for various use cases. |
3.75 |
5 |
6. |
84 months Experience in various SAML and Federation libraries and integrations with different products such as SimpleSAMLPHP, Shibboleth, Okta, Ping, etc. | 3 |
4 |
7. |
84 months experience in container platform to deploy and run 12c microservices releases in Oracle Access Management such Advanced Authentication in containers. Experience in Kubernetes platform. |
3.75 |
5 |
| 8. | 84 months of experience in WebLogic experience deploying applications, debugging issues in the application server, Configuring providers such as LDAP, SAML Asserters and configuring role based access in the weblogic domain. | 1.5 | 2 |
| 9. | 84 months of experience in Active Directory integrations and migrations from LDAP based authentication to Single Sign On tools for authentication and authorization. | 1.5 | 2 |
| 10. | 84 months of experience in developing custom Oracle BI Publisher reports. |
1.5 | 2 |
| Requested Qualifications Must Always Total 60 Points for Maximum Score | 45 | 60 | |
| Interview | 20 | ||
| Price | 20 | ||
| Total Score | 100 | ||
| Additional Information Requests: | |
| Security Requirements for Candidate, if Applicable | Yes |
| Training from Candidate, if Applicable | Potential training and knowledge transfer to CUNY staff |
Knowledge Transfer from Candidate, if Applicable. |
This phase involves ongoing mentoring of CIS employees, identifying the knowledge to be transferred, mapping out the key stakeholders involved, and setting clear objectives and expectations for the knowledge transfer process. During this phase, the selected candidate shall document the knowledge that needs to be transferred. This could include, but is not limited to, creating documents, manuals, and guidelines. All work performed during the engagement (development, deployment, configuration, integration, performance tuning, etc.) must be fully and clearly documented to allow both processes and their products to be replicated in additional environments by CUNY staff with reproducible results. Demonstration and other in-person knowledge transfers must be provided as requested to supplement documentation. |
| Anticipated Travel, if Applicable. | No |
Task Order Response Instructions:
To respond to this Task Order Request, vendors must submit each candidate in a separate e-mail. Submittal of multiple candidates in a single e-mail may delay processing.
The Resume File Name attached to the e-mail must read:
Candidate Name, Task Order Request# and Functional Job Title
The resume must be emailed with your GSA Price List to: Michelle.Synovitsky@cuny.edu.
The Subject Line of the e-mail must be written as follows:
Task Order Request #14124, PeopleSoft Senior Campus Solutions Technical Developer, Vendor Name
The Body of the e-mail must include:
- Candidate Name
- Candidate Title
- Candidate Hourly Rate, noting any discount from the standard GSA rate.
- A completed RFQ Form (Instructions for completion are included in the Exhibit A in this document).
- An attachment containing a copy of the applicable GSA Contract under SIN 54151S
- An attachment containing a copy of the candidate’s resume (Please list the vendor's name either in the file name or in the body of the resume document) - do not include price information on the resume document.
Respondents must submit the requested documentation by the Closing Date, scheduled f, July 7, 2025 at 2 PM. Responses will not be accepted past the due date and time, and the respondents shall accept the University’s records with respect to the time of receipt.
Exhibit A
The RFQ Form should list the Unit Price for the Consultant performing one hour of work. Once the solicitation has ended, the University will evaluate pricing and qualifications, and calculate the total number of estimated hours from the date of award on the Purchase Order – please do not enter an estimated total number of hours.
Below is a example if your company was submitting a Consultant at the rate of $90/hour. A compliant response will look as follows: