Oracle Micro Segmentation and Database Migration

About The Position

Requirements

• 4 years’ experience in migrating large complex databases and applications along with associated schemas, users/roles, privileges, jobs (DBMS_SCHEDULER), GoldenGate replications, and linked configurations to Oracle AI Database 26ai (built on 23ai)
• 4 years’ experience with designing and implementing high availability solutions, including Oracle RAC, Data Guard, Active Data Guard, and Always-On-like configurations with multitenant PDB failover, plus migration to cloud platforms like Oracle Exadata or Autonomous Database.
• 4 years’ experience regarding project status, stakeholder meetings, reporting requirements, scope changes, and migration planning/execution for Oracle database upgrades/migrations.
• 4 years’ experience with providing Hyper Care support post migration of databases and applications, including user support, performance troubleshooting, and issue resolution during stabilization phases.
• Hands-on experience implementing microsegmentation in Oracle environments using OCI Network Security Groups (NSGs) for fine-grained network isolation between application tiers (e.g., web, app, database), enforcing zero-trust policies, restricting east-west traffic to database ports (e.g., SQLNet.
• Proficiency in Oracle Multitenant architecture migrations, such as non-CDB to PDB conversions, PDB unplug/plug operations, refreshable clones for minimal-downtime upgrades, and using AutoUpgrade for automated in-place or clone-based migrations to Oracle AI Database 26ai.

Responsibilities

• Architect and execute Oracle micro-segmentation to deliver a zero-trust database security posture in a highly complex Oracle RAC environment.
• Deep analysis of blocking sessions, and strict validation of source and destination IP mappings to ensure no cross-segment access and complete isolation, preserving zero trust throughout the migration.
• Design and enforce access policies, identity and access management (IAM), and group policies to ensure that no unauthorized users can log in and that only approved service and privileged accounts have access, while implementing granular east-west segmentation and strict workload isolation.
• Implement policy-driven micro-segmentation to control traffic between workloads, inter-node communication, and continuously observe performance metrics and replication health.
• Configure granular access controls between workloads, apps, and environments (dev/test/prod) with security lists, flow logs, and firewall policies; deploy zero-trust network models
• Develop automation for repeatable deployments, ensuring scalable, consistent policies across all environments.
• Implement and oversee data replication from primary to standby, ensuring zero data loss, minimized replication lag, and high availability.
• Ensure compliance, reduce attack surfaces, and deliver a secure, resilient, and high-performance colocation deployment