Senior Keycloak Administrator

We are seeking an experienced Senior Keycloak Administrator to lead the design, implementation, and ongoing management of our identity and access management (IAM) infrastructure using Keycloak. In this role, you will ensure secure authentication and authorization for enterprise applications, optimize system performance, and collaborate with cross‑functional teams to integrate Keycloak with cloud and on‑premises environments.

The ideal candidate has deep expertise in Keycloak administration, a strong understanding of security protocols like OAuth2, OIDC, and SAML, and the ability to troubleshoot complex issues in high‑availability setups.

• 5+ years in IAM administration, with at least 3 years focused on Keycloak; proven track record in enterprise deployments.
• Expert‑level proficiency in Keycloak features (realms, clients, roles, users, events, and Admin REST API).
• Strong knowledge of identity protocols (OAuth2, OIDC, SAML, JWT) and related tools (e.g., LDAP, Kerberos).
• Experience with containerization (Docker, Kubernetes) and cloud platforms (AWS, Azure).
• Familiarity with databases (PostgreSQL, MySQL) for Keycloak persistence and monitoring tools (Prometheus, Grafana).

• Install, configure, and maintain Keycloak servers, including realm management, user federation (e.g., LDAP/AD integration), and custom theme/UI development for login, registration, and admin consoles.
• Design and deploy secure authentication/authorization solutions using Keycloak, supporting protocols such as OIDC, OAuth2, and SAML; integrate with internal/external applications, APIs, and third‑party services for identity federation.
• Manage Keycloak clustering, high‑availability setups, performance tuning, and monitoring; handle upgrades, backups, and disaster recovery to ensure 99.9% uptime.
• Implement role‑based access control (RBAC), fine‑grained permissions, and policies; conduct security audits, vulnerability assessments, and ensure compliance with standards like GDPR, HIPAA, or SOC 2.
• Diagnose and resolve incidents related to authentication failures, token issues, or integration problems; optimize Keycloak for scalability in cloud (e.g., AWS, Azure) or hybrid environments.
• Work with development, DevOps, and security teams to provide guidance on best practices; maintain comprehensive documentation for configurations, processes, and troubleshooting guides.
• Develop and maintain custom Keycloak extensions, providers, or scripts using Java or REST APIs for tailored functionality (as needed).