ForgeRock Consultant (Identity and Access Management ( IAM )

We are seeking a skilled and experienced ForgeRock Consultant/Senior Consultant with a strong background in Identity and Access Management (IAM) to join our Deloitte USI team. The ideal candidate will have a proven track record of implementing ForgeRock technologies across diverse, large-scale enterprise environments.

• 5 to 9 years of experience in the Identity Management domain.
• Minimum 3+ years of hands-on experience with ForgeRock technologies (OpenAM, OpenIDM).
• Successfully delivered at least two IAM projects including:
• Requirements gathering & analysis
• Solution design & development
• Testing, deployment & post-go-live support
• Install and configure ForgeRock OpenAM and OpenIDM in high availability (HA) mode.
• Integrate enterprise applications with ForgeRock OpenAM for:
• SSO (Single Sign-On)
• Coarse grain authorization
• Session management
• Password management
• Build custom ForgeRock modules including:
• Authentication chains
• Post Authentication Plugins (PAP)
• Custom login screens
• Step-up authentication & adaptive access management
• Implement identity federation and cross-domain SSO using SAML, OAuth, and WS-Federation.
• Integrate ForgeRock OpenIDM with:
• LDAP directories (e.g., OpenDJ, Active Directory)
• Databases, CSVs, REST APIs, and cloud-based systems
• Provide production support and troubleshooting for ForgeRock environments.

• ForgeRock OpenAM, OpenIDM, OpenDJ
• SAML 2.0, OAuth 2.0, WS-Federation
• Java, REST APIs
• IAM lifecycle and governance
• High availability configurations
• Cloud integration experience is a plus

• Bachelors or Masters degree in Computer Science, Engineering, Information Systems, or equivalent.
• MBA (preferred but not mandatory) for senior roles

Skills: java, iam lifecycle and governance, oauth 2.0, identity and access management, high availability configurations, ws-federation, java, rest apis, forgerock opendj, saml 2.0, rest apis, forgerock openidm, forgerock openam, forgerock.