Senior Keycloak Administrator

We are seeking an experienced Senior Keycloak Administrator to lead the design, implementation, and ongoing management of our identity and access management (IAM) infrastructure using Keycloak. In this role, you will ensure secure authentication and authorization for enterprise applications, optimize system performance, and collaborate with cross-functional teams to integrate Keycloak with cloud and on-premises environments. The ideal candidate has deep expertise in Keycloak administration, a strong understanding of security protocols like OAuth2, OIDC, and SAML, and the ability to troubleshoot complex issues in high-availability setups.

• Keycloak Administration and Configuration: Install, configure, and maintain Keycloak servers, including realm management, user federation (e.g., LDAP/AD integration), and custom theme/UI development for login, registration, and admin consoles.
• IAM Solution Design and Implementation: Design and deploy secure authentication/authorization solutions using Keycloak, supporting protocols such as OIDC, OAuth2, and SAML; integrate with internal/external applications, APIs, and third-party services for identity federation.
• Infrastructure Management: Manage Keycloak clustering, high-availability setups, performance tuning, and monitoring; handle upgrades, backups, and disaster recovery to ensure 99.9% uptime.
• Security and Compliance: Implement role-based access control (RBAC), fine-grained permissions, and policies; conduct security audits, vulnerability assessments, and ensure compliance with standards like GDPR, HIPAA, or SOC 2.
• Troubleshooting and Optimization: Diagnose and resolve incidents related to authentication failures, token issues, or integration problems; optimize Keycloak for scalability in cloud (e.g., AWS, Azure) or hybrid environments.
• Collaboration and Documentation: Work with development, DevOps, and security teams to provide guidance on best practices; maintain comprehensive documentation for configurations, processes, and troubleshooting guides.
• Custom Development (as needed): Develop and maintain custom Keycloak extensions, providers, or scripts using Java or REST APIs for tailored functionality.

• Experience: 5+ years in IAM administration, with at least 3 years focused on Keycloak; proven track record in enterprise deployments.
• Technical Skills:
  • Expert-level proficiency in Keycloak features (realms, clients, roles, users, events, and Admin REST API).
  • Strong knowledge of identity protocols (OAuth2, OIDC, SAML, JWT) and related tools (e.g., LDAP, Kerberos).
  • Experience with containerization (Docker, Kubernetes) and cloud platforms (AWS, Azure).
  • Familiarity with databases (PostgreSQL, MySQL) for Keycloak persistence and monitoring tools (Prometheus, Grafana).