DevOps / IAM Engineer

We are looking for an experienced DevOps / IAM Engineer to join an international engineering team working on a greenfield software platform with large-scale impact. The platform supports end-to-end digital processes for fiber network services, including customer onboarding, service provisioning, installation tracking, and lifecycle management.

In this role, you will be responsible for developing and operating Identity and Access Management (IAM) capabilities based on Keycloak / RHSSO, running on Kubernetes. You will play a key role in enabling secure authentication, authorization, and single sign-on (SSO) for internal systems and machine-to-machine communication.

Key Responsibilities

IAM & Platform Engineering

• Develop, operate, and maintain Keycloak / RHSSO-based IAM solutions on Kubernetes.
  

• Enable secure SSO and machine-to-machine authentication using OAuth 2.0 and OpenID Connect.
  

• Design and maintain IAM configurations including realms, clients, roles, scopes, identity providers, and themes.
  

• Apply a configuration-as-code approach to IAM (versioned configuration promoted across environments).
  

• Troubleshoot authentication and authorization flows end-to-end.
  

DevOps, GitOps & Automation

• Operate Kubernetes-based environments using GitOps principles with Argo CD.
  

• Package and deploy applications using Helm charts and Argo CD application management.
  

• Build and maintain CI/CD pipelines (e.g. GitLab) for containerized workloads.
  

• Automate operational tasks using Python and Bash scripts.
  

• Standardize deployment, configuration, and troubleshooting practices across environments.
  

Operations, Reliability & Observability

• Monitor and operate IAM services in production environments.
  

• Diagnose and resolve platform issues (CPU/memory pressure, pod health, configuration problems).
  

• Participate in incident response, upgrades, and migrations.
  

• Implement and use observability tooling for monitoring, alerting, and troubleshooting.
  

Collaboration & Continuous Improvement

• Work closely with development teams to improve reliability, security, and automation of the IAM platform.
  

• Contribute to platform documentation, operational standards, and best practices.
  

• Support international collaboration in distributed teams.
  

Must-have

• Minimum 3 years of experience as a DevOps / Platform Engineer / SRE, operating Kubernetes in production.
  

• Strong hands-on experience with Kubernetes (deployments, services, ingress, secrets, config maps).
  

• Solid understanding of IAM fundamentals: authentication vs authorization, identity lifecycle, roles, permissions, and machine-to-machine access.
  

• Practical experience with OAuth 2.0, OpenID Connect, and JWT.
  

• Hands-on experience with Keycloak / RHSSO, including troubleshooting authentication and authorization issues.
  

• Experience with GitOps delivery using Argo CD.
  

• Strong knowledge of Docker and container-based workflows.
  

• Experience with CI/CD pipelines (e.g. GitLab).
  

• Scripting skills in Python and Bash.
  

• Good English communication skills for work in an international environment.
  

Nice-to-Have / Advantageous

• Experience running Keycloak using operator-based approaches (Kubernetes / OpenShift).
  

• Deeper operational knowledge of PostgreSQL (performance tuning, HA, maintenance).
  

• Experience with cloud platforms (AWS, Azure, GCP).
  

• Programming experience in Go, Java, or Quarkus (e.g. operators, extensions, SPI development).
  

• Familiarity with large-scale, international software projects.
  

• University degree in Computer Science, Engineering, Mathematics, or a related field.
  

Technology Stack

• IAM: Keycloak / RHSSO / RHBK, OAuth 2.0, OpenID Connect, JWT
  

• Containers & Orchestration: Kubernetes, Docker, Ingress
  

• GitOps & Delivery: Git, GitLab CI/CD, Argo CD, Helm
  

• Automation: Python, Bash (Go / Java as a plus)
  

• Observability: Grafana, Prometheus, ELK Stack, Dynatrace
  

• Database: PostgreSQL
  

• Cloud: AWS or other cloud platforms (advantage)