Description
Job Title: IAM Architect – Identity & Access Management
Location: Berlin
Work Model: Contract, Hybrid
Start Date: ASAP
Department: Platform & Security Architecture
About the Role
We are looking for a highly experienced IAM Architect to design and guide the implementation of secure, scalable, and compliant identity and access management solutions across hybrid cloud environments. This role focuses on aligning IAM architecture with Zero Trust principles, integrating enterprise identity systems, and supporting infrastructure-level IAM capabilities such as PKI, PAM, and secrets management.
The ideal candidate brings expert-level knowledge in IAM standards, protocols, and tools, with a proven track record of delivering architectural solutions in complex, cloud-native and on-premise environments.
Key Responsibilities
IAM Architecture & Strategy
Design the overarching IAM architecture aligned with Zero Trust principles and hybrid cloud requirements.
Define architectural guidelines and blueprints for identity lifecycle management, authentication, and access control.
Ensure alignment of IAM capabilities with platform-level security, compliance, and scalability needs.
Provide clear and traceable IAM architecture documentation.
Enterprise Identity Integration
Design and coordinate integration with enterprise identity providers (e.g., AD, ADFS, Azure AD).
Implement federated identity management across cloud and on-premise systems.
Define interfaces and data flows for identity synchronization and federation.
Consult on secure delegation, role-based access control, and identity mapping.
Secrets Management & Privileged Access
Define architecture and integration strategies for secrets management (e.g., Vault, HSMs).
Implement policies for secure handling, rotation, and auditing of credentials and secrets.
Contribute to the design and enforcement of Privileged Access Management (PAM) systems.
Ensure auditability and observability of all IAM-related operations.
Infrastructure & Platform Integration
Provide architectural consultancy to platform and infrastructure teams.
Review and validate IAM-related solution designs for compliance and feasibility.
Advise on IAM implementation patterns for specific services and environments.
Integrate IAM infrastructure components (PKI, HSM, PAM, LDAP) into platform architecture.
Design scalable directory structures for hybrid/cloud environments.
Agile Delivery Support
Participate in agile planning and delivery cycles to ensure IAM requirements are incorporated.
Coordinate with platform architecture and development teams to refine IAM backlog items.
Ensure architectural decisions are reflected in user stories and technical tasks.
Track IAM-related deliverables throughout the project lifecycle.
Your Profile
Senior-level experience in IAM architecture, with a strong focus on hybrid cloud and infrastructure-oriented environments.
Deep understanding of IAM standards, protocols (e.g., SAML, OAuth, OpenID Connect), and tools.
Proven experience in delivering IAM solutions across cloud-native and on-premise systems.
Strong background in integrating enterprise identity systems and implementing Zero Trust models.
Demonstrated ability to independently perform architectural work in complex project settings.
Excellent communication and stakeholder engagement skills.
Fluent in English (German is a plus).