Senior IAM/SSO Engineer (M/F/X)

As part of strengthening our identity and access management team, we are looking for a Senior IAM/SSO Engineer capable of working on large-scale, critical environments. You will contribute your expertise in authentication , identity federation , and access management technologies , while supporting project teams in the integration and evolution of IAM services. You will also play a key role in the continuous improvement of authentication and authorization platforms, as well as in securing access to applications and APIs.

Responsibilities:

• Provide technical expertise on IAM and SSO platforms .

• Participate in the design, development and optimization of authentication and authorization services.

• Supporting IAM integration projects for business applications.

• Provide expert level ( N3 ) support on IAM components.

• Participate in the analysis and resolution of complex incidents.

• Define and implement identity federation mechanisms.

• Participate in the design, development, configuration, migration and deployment phases.

• Identify technical and security risks and propose remediation plans.

• Implement tools for monitoring, diagnosing and tracking performance.

• Advising architects, developers and operations teams on IAM best practices.

• Contribute to the continuous improvement of IAM platforms and processes.

What we are looking for:

Essential skills:

• Excellent command of identity federation protocols:

  • SAML 2.0

  • OAuth 2.0

  • OpenID Connect (OIDC)

• Proficiency in the main IAM protocols:

  • LDAP

  • Kerberos

  • Radius

  • SCIM

  • FIDO2 / WebAuthn

  • OATH

• Solid understanding of IAM concepts :

  • RBAC

  • ABAC

  • ReBAC

  • Digital Identity Management

• Good command of Java in a web server environment.

• Good understanding of securing web applications and APIs .

• Knowledge of Single Page Application (SPA) architectures .

• Experience in critical production environments.

Desired skills

• Directory administration:

  • Microsoft Active Directory

  • LDAP

  • OpenLDAP

  • eDirectory

• Experience with IAM platforms on the market:

  • Keycloak

  • OpenAM

  • Okta

  • PingOne

• Proficiency in Microsoft Entra ID (Azure AD) environments .

• Knowledge of Zero Trust architectures .

• Experience with reverse proxies:

  • F5 Big-IP

  • Apache

• Knowledge of CI/CD environments .

• Experience with containerized platforms:

  • Docker

  • OpenShift

  • Kubernetes

• Knowledge of encryption technologies:

  • PKI

  • Digital certificates

  • Electronic signature

• Mastery of application servers:

  • Tomcat

  • JBoss

  • Apache

• Systems knowledge:

  • Linux

  • Unix

  • Windows Server

• Experience in enterprise architecture:

  • ArchiMate

  • architectural modeling tools.

Desired qualities:

• Strong focus on service and user satisfaction.

• Excellent analytical and problem-solving skills.

• Sense of responsibility and safety.

• Technical curiosity and ability to learn quickly.

• Excellent interpersonal and teaching skills.

• Ability to work in complex and critical environments.

• Team spirit and knowledge sharing.

• Excellent written and oral communication skills in French and English.

Preferred certifications:

Highly recommended

• Certified Identity and Access Manager (CIAM)

• Microsoft Identity & Access Administrator (SC-300)

• Microsoft Security Operations Analyst (SC-200)

• Microsoft Cybersecurity Architect (SC-100)

Additional advantages

• Okta Certified Professional / Administrator certifications

• Keycloak Certifications

• CISSP

• CCSP

• Cloud certifications ( Azure , AWS , Google Cloud )

• DevSecOps or Application Security certifications.

How does the recruitment process work at Ekkiden?

At Ekkiden, we are committed to providing a positive experience for every candidate.