Identity Access ManagementIAM Engineer
Identity Access ManagementIAM Engineer
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Not Disclosed
Salary Not Disclosed
1 Vacancy
Job Description
Primary Responsibilities
Design and implement IAM solutions using Keycloak for secure authentication and authorization based on OIDC OAuth2 and SAML protocols.
Integrate Keycloak with internal and external applications APIs and thirdparty services to enable secure access and identity federation.
Manage and maintain the Keycloak infrastructure including clustering performance tuning and monitoring.
Implement custom authentication flows policies and user federation strategies using Keycloak.
Collaborate with DevOps and infrastructure teams to ensure the scalability security and high availability of Keycloak deployments.
Automate the management of identity and access workflows including user provisioning deprovisioning and rolebased access control (RBAC).
Provide technical expertise for OIDC/OAuth2 standards keeping up with industry trends and ensuring compliance with evolving security requirements.
Troubleshoot issues related to authentication authorization and access control ensuring a seamless user experience.
Document system configurations processes and troubleshooting procedures for internal teams and stakeholders.
Conduct regular security audits and recommend improvements for IAM practices and systems.
Participate in and contribute to crossfunctional teams working on broader IAM DevSecOps and security initiatives.
Provide support for implementing troubleshooting and maintaining of identity management systems.
Rapidly distinguish isolated user problems from enterprisewide application/system problems and provide recommended solutions.
Provide followup reports (technical findings feedback resolution steps taken) for root cause analysis engineering technical assessment and process improvement initiatives.
Update operations and maintenance documentation for 24/7/365 enterprise watch personnel.
Work with Operations Engineering and vendor support to develop solutions to complex technical issues.
Work independently as part of a virtual team
Provide mentorship and training for junior team members.
Basic Qualifications
Bachelors degree in Computer Science Information Technology or a related field or equivalent work experience.
35 years of experience working in Identity and Access Management (IAM) with a focus on Keycloak and OIDC/OAuth2 technologies.
Strong handson experience with configuring deploying and managing Keycloak in a production environment.
Deep understanding of authentication and authorization protocols including OIDC OAuth2 SAML and LDAP.
Proficiency in Java Python or other scripting languages used for extending and automating Keycloak.
Experience with user federation (LDAP Active Directory etc.) and social identity providers (Google Facebook etc.) using Keycloak.
Familiarity with DevOps practices including CI/CD pipelines and experience with DockerKubernetes and infrastructureascode (IaC) tools such as Terraform.
Strong problemsolving and debugging skills particularly in complex distributed environments.
Ability to work in an Agile/Scrum environment collaborating with crossfunctional teams.
Strong communication skills with the ability to articulate technical solutions to both technical and nontechnical stakeholders.
Candidate must at a minimum meet DoD 8570.11 IAT Level II certification requirements (currently Security CE CCNASecurity GSEC or SSCP along with an appropriate computing environment (CE) certification)
Education
Candidate must have a Bachelors degree with at least 12 years of relevant experience. Additional years of experience may be considered in lieu of degree.
Preferred Qualifications
5 years of experience in IAM or related security engineering roles.
Experience with cloud platforms (AWS Azure GCP) and securing cloudnative applications.
Experience with identity governance tools (e.g. SailPoint Okta).
Familiarity with API security (e.g. JWT mTLS) and best practices for securing microservices architectures.
Experience implementing MFA SSO and zerotrust architectures.
Employment Type
Full Time
