IAM Engineer – Red Hat SSO / Keycloak

We are looking for an experienced Identity and Access Management (IAM) Engineer with strong expertise in Red Hat SSO / Keycloak to design, implement, and support secure authentication and authorization solutions in enterprise environments.

The ideal candidate will have hands-on experience implementing Keycloak in production environments, integrating with enterprise identity providers, and deploying IAM solutions within containerized platforms such as OpenShift/Kubernetes.

This role involves building secure authentication architecture aligned with modern OAuth2 / OpenID Connect standards, supporting single sign-on (SSO) across applications, and ensuring compliance with enterprise security standards in banking-grade environments.

Key Responsibilities

IAM Architecture & Implementation

• Design and implement IAM solutions using Red Hat SSO / Keycloak in enterprise environments.
• Build secure authentication architectures supporting enterprise applications.
• Implement Single Sign-On (SSO) across multiple internal and external applications.
• Configure realms, clients, roles, policies, and identity providers in Keycloak.

Identity Federation & Integrations

• Implement Identity Federation with enterprise identity providers such as:
• Microsoft Azure Active Directory
• LDAP / Active Directory
• SAML-based identity providers
• Integrate Keycloak with enterprise systems including:
• API Gateways
• Microservices platforms
• External SaaS applications

Authentication Protocols

• Implement authentication and authorization using:
• OAuth2
• OpenID Connect (OIDC)
• SAML 2.0
• Develop secure token-based authentication flows for microservices and APIs.

Container & Platform Integration

• Deploy and manage Keycloak/Red Hat SSO in containerized environments such as:
• Red Hat OpenShift
• Kubernetes
• Manage high availability, scaling, and performance tuning of IAM components.

Security & Compliance

• Ensure IAM solutions meet enterprise security standards, especially within banking or regulated environments.
• Implement secure authentication flows including:
• MFA
• Conditional access
• Role-based access control (RBAC)
• Support security audits and compliance initiatives.

Development & Automation

• Develop custom Keycloak extensions, providers, and themes when required.
• Automate IAM deployments using CI/CD pipelines.
• Support infrastructure-as-code and DevOps practices.

Job Requirements

Core IAM Skills

• 6-12 years of relevant experience
• Strong hands-on experience with Keycloak or Red Hat Single Sign-On
• Experience implementing IAM solutions in production environments
• Deep understanding of:
• OAuth2
• OpenID Connect (OIDC)
• SAML 2.0

Integration Experience

• Identity Federation with:
• Azure Active Directory
• LDAP / Active Directory
• Experience integrating IAM with API gateways and microservices platforms

Container & Cloud Platforms

• Hands-on experience with:
• Red Hat OpenShift
• Docker
• Kubernetes

Development Skills

• Java or Spring Boot development (for Keycloak extensions)
• REST API integration
• Experience with CI/CD pipelines

Preferred Qualifications

• Experience working in banking / financial services environments
• Knowledge of Zero Trust architecture
• Experience implementing Multi-Factor Authentication (MFA)
• Familiarity with API security frameworks
• Experience with monitoring tools (Prometheus, Grafana)
• Red Hat certification related to OpenShift or security
• Certified IAM / security certifications (CISSP, CISM, etc.)
• Kubernetes certifications