Role: IAM Architect
Location: Berlin (Remote)
Duration: Contract, 6 months
Start Date: 19.07.2021
We are working with a Berlin based eCommerce client who are looking for a IAM Architect. The project consists of the unification of multiple partner facing identity access management systems. The project will have the end goal of migrating four identity capabilities into one consolidate and unified authentication system following the clients overall IAM strategy and reusing the already centrally procured tooling (Okta, Savyint and Open Policy agent).
- In the 1st phase the focus is on providing a unified Login experience between connected retail users and direct users.
- Migrating authentication capabilities to Okta ( IAM procured service) from Auth0 (Connected Retail IAM solution) and Keycloak (Direct IAM solution).
- The solution implementation will have to concentrate of minimizing the efforts on dependent systems and processes (eg. onboarding and off-boarding) and as well guaranteeing a smooth or invisible migration for the end users' point of view.
- At the end of these phase the client expects having the users being able to login with one set of credentials into a unified partner Identity solution and being able to single-sign-on to applications offered independently.
- In the 2nd phase, the focus is on unifying the account and role model structure of the client and their connected retail partners, a prerequisite to enable:
- -Unified and consistent onboarding and off-boarding procedure (from lead generation to getting the right access entitlements).
- Unified self-service user management and access control to enable partners to control their employee without operational effort required by the clients helpdesk and support teams.
- The solution will have to take into consideration extensibility, reusability requirement, as the structure/hierarchy, systems and processes will need to be extended and able to support other partner facing parts of the company.
- At the end of these phases we expect to connect retail and direct users who will be able to manage their company users' access in autonomy using an unified web user interface.
- We expect the clients operational effort to control partner users' access to be 0 as a partner can manage their access in autonomy. We expect partner support teams (partner helpdesk) to be able to act on access just for recovery an emergency procedure.
- We expect onboarding procedure controlled by Salesforce systems and custom services maintained by the direct and connected retail to converge into a consistent process.
- Designing solutions to connect different systems
- Reviewing solutions in details from other employees
- Reviewing and quality insurance
- Project experience in identity and access management
- 5+ years project experience as an Architect
- Good knowledge of Okta
Ideally you will have:
- Good communication skills
- Experience with Kubernetes
Sounds like you? Apply here and we will have a call to discuss the specifics if you profile is a match.
At Talent, we lead the way when it comes to diversity and inclusion hiring practices. We strive to help our clients build their teams - creating diverse and inclusive cultures. With our human centric approach to recruitment, we are committed to hiring, developing and retaining exceptional people regardless of race, colour, religion, sex, sexual orientation, age, marital status, disability or gender identity. Put simply, we give a damn.