Job
Description
Role Overview: We are seeking a highly skilled Keycloak Administrator with a minimum of 4 years of hands-on experience in Identity and Access Management (IAM) using Keycloak . The ideal candidate will be responsible for installing, configuring, managing, and supporting Keycloak-based identity services in a secure enterprise environment. This role will require close collaboration with security, development, and infrastructure teams to ensure secure authentication, authorization, and user management . Primary Responsibilities: Install, configure, and administer Keycloak in high-availability, production environments. Design, implement, and manage Identity and Access Management (IAM) solutions using Keycloak for internal and external applications. Manage user federation, identity brokering, and integration with external identity providers (IdP) (e.g., LDAP, AD, SAML, OIDC, OAuth2). Define and configure realms, clients, roles, and groups , ensuring proper access control and security policies. Manage authentication flows, custom login flows, and multifactor authentication (MFA) using Keycloak. Collaborate with development teams for secure application integrations using OAuth2, OIDC, and SAML protocols. Monitor Keycloak server health, performance tuning, and ensure high availability and disaster recovery readiness. Manage Keycloak upgrades, patches, and security updates in compliance with security guidelines. Troubleshoot authentication/authorization issues and coordinate with application and security teams for resolutions. Implement and maintain audit logging, monitoring, and ing related to Keycloak activities. Develop and maintain documentation, SOPs, and best practices for Keycloak operations. Ensure compliance with organizational security standards, GDPR, and privacy policies . Provide technical support and guidance for IAM-related issues and incidents. Required Skills: 4+ years of experience in Keycloak administration and IAM solutions . Strong knowledge and hands-on experience with Keycloak architecture, realms, clients, and protocols (OAuth2, OIDC, SAML) . Experience with user federation and identity brokering using LDAP, Active Directory, and external IdPs. Proficiency in RBAC (Role-Based Access Control) , fine-grained authorization, and client policies. Strong understanding of authentication mechanisms , including MFA and SSO. Good experience in Keycloak theming and customization (login pages, error pages) . Working knowledge of SSL, TLS, certificates, and secure communications in an enterprise environment. Experience in containerized deployments of Keycloak (Docker, Kubernetes, OpenShift) . Familiarity with relational databases (PostgreSQL, MySQL) used as Keycloak backends. Scripting skills in Bash, Python, or similar for automation and operational tasks. Experience with monitoring and logging tools (e.g., Prometheus, Grafana, ELK stack) for Keycloak. Strong problem-solving and debugging skills in IAM contexts. Preferred Certifications: Relevant certifications (e.g., IAM, Security+, CISSP , Keycloak-specific courses ) are a plus. Qualification and Educational requirements: Any degree in an IT related field is preferred
