IAM KeyCloak Engineer (PID0594)

This is a remote position. We are seeking an IAM Engineer with strong experience in Keycloak authentication protocols and hybrid cloud integration. You will support the deployment automation and integration of IAM services across on-prem and cloud environments ensuring secure and scalable access management within a mission-critical platform.

6 month full-time contract mostly remote with occasional onsite in Germany. Fluent English is the only language requirement.

Responsibilities

• Implement RBAC/ABAC policies and configure multi-realm setups
• Map Kerberos/IPA identities into Keycloak realms roles and clients
• Configure SSO flows MFA and identity federation across hybrid environments
• Deploy Keycloak on VMs Docker and Kubernetes (including OpenShift and GKE)
• Configure Keycloak for OIDC OAuth2 SAML LDAP/AD and Kerberos integration
• Secure Keycloak with TLS certificates (Vault-issued or enterprise CA)
• Map Keycloak roles to GCP IAM roles for hybrid cloud workload access control
• Configure multi-tenant setups for on-prem and cloud workloads
• Integrate Keycloak with Vault for secret management and PKI
• Configure dynamic secrets for Keycloak DB backends and automate rotation policies
• Automate Keycloak and Vault deployments using Terraform Helm or Ansible
• Integrate IAM and Vault into CI/CD pipelines for consistent application onboarding
• Troubleshoot token flows federation errors and certificate issues
• Monitor IAM and Vault services with Prometheus and Grafana

Requirements

Eligibility

• Residency in the EU EEC UK or Switzerland

Must-Have Experience

• Strong understanding of auth protocols: OIDC OAuth2 SAML Kerberos LDAP
• Proven deployment and management experience with Keycloak across on-prem and cloud environments
• Integration of Keycloak with Vault for secrets and PKI
• Automation with Terraform Helm or Ansible
• Troubleshooting complex IAM and federation issues in hybrid setups

Language Skills

• Fluent English (C1 level or above)

Preferred

• Experience with cloud services (AWS Azure GCP)
• Fluent German
• Experience working in Agile/Scrum environments
• Ability to resolve certificate/PKI issues in Keycloak with Vault integration

Benefits

As a freelancer / contractor with us you will enjoy flexible working hours and the freedom to choose your own projects. Our platform gives you access to exciting projects in various industries and supports you in advancing your career. You’ll benefit from competitive pay and a dedicated team to help you with any questions you may have. Work independently and utilise our strong network to achieve your professional goals.