Identity And Access Management (IAM) Engineer (Cybersecurity)
Мэтч & Сопровод
Для мэтча с этой вакансией нужен Plus
Описание вакансии
TL;DR
Identity And Access Management (IAM) Engineer (Cybersecurity): Designing, implementing, and securing Proton's core internal identity infrastructure with an accent on identity lifecycle automation and zero-trust security. Focus on integrating open-source IAM solutions like Keycloak and midPoint to streamline onboarding/offboarding and ensure strict access governance.
Location: Onsite in Paris
Salary: €53,000 - €80,000 gross annually
Company
A privacy-focused organization providing encrypted communication and data tools to millions of users globally.
What you will do
- Design, implement, and maintain core IAM solutions using self-hosted and open-source environments (Keycloak, midPoint).
- Develop automated secure processes for user provisioning and de-provisioning across the account lifecycle.
- Manage identity governance processes, including access rights, entitlements, and compliance audits.
- Configure and optimize authentication and authorization mechanisms based on granular security policies.
- Write high-quality code for infrastructure automation and configuration management to eliminate operational toil.
Requirements
- Proven experience as an IAM Engineer within a production environment.
- Hands-on experience with open-source IAM solutions such as FreeIPA, Keycloak, or midPoint.
- Deep technical knowledge of LDAP, SAML, OAuth, and OIDC protocols.
- Proficiency in scripting languages like Python and Bash for automation and tooling.
- Solid background in system engineering for deploying complex self-hosted solutions.
- Location: Must be based in Paris
Nice to have
- Advanced proficiency in implementing and maintaining midPoint.
- Experience with IaC tools such as Ansible or Puppet.
- Relevant industry certifications like CIDPRO.
Culture & Benefits
- Company stock options providing a real stake in the organization.
- Comprehensive health coverage and retirement options.
- Strong in-person collaboration culture with provided daily lunch and snacks in the office.
- Transport allowances covering public transport, bike, or parking.
- Flexible working schedules focused on outcomes rather than clock-in times.
Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →