CrawlJobs Logo
REWE digital Logo REWE digital · IT - Software Development

Access Management DevOps Engineer

Spain, Málaga · Job Posted December 31, 2025
Apply Position
Job Link Share

Job Description

Working closely with the team in germany, you will be responsible for the administration and optimization of our Identity Governance Administration (IGA) platform to ensure secure, efficient, and reliable access for our business applications. We are looking for an IT Engineer / DevOps Engineer to support the modernization of our IAM landscape by designing, implementing, and maintaining innovative technical solutions. Someone who builds and administers IAM and IGA platforms to provide the foundation for automation, self-service, and compliance.

Job Responsibility

  • Design, build, and operate a secure and scalable Identity Governance & Administration (IGA) platform as the foundation for automation and self-service
  • Develop and maintain APIs to integrate IAM/IGA capabilities across business applications
  • Establish and maintain CI/CD pipelines and containerized environments (Docker, Kubernetes) to support the deployment and evolution of the IAM platform
  • Implement and optimize role-based and context-based access control models (RBAC, CBAC, ABAC, NBAC)
  • Collaborate with security teams to ensure compliance and enable Zero-Trust architectures

Requirements

  • Degree in Computer Science or equivalent qualification
  • Proven experience in Identity Governance & Administration (IGA) and IAM platforms
  • Practical knowledge of directory services (Active Directory, Entra ID, Keycloak)
  • Analytical mindset and ability to design complex authorization models
  • Strong communication and collaboration skills
  • Complete fluency in written and spoken English
  • You live in Spain, and you have a valid work permit/VISA (without sponsorship)

Nice to have

  • Knowledge of MidPoint or similar IGA solutions
  • Familiarity with modern IAM frameworks and standards
  • Experience in workflow orchestration and platform modernization
  • Understanding of Zero-Trust principles and security best practices

What we offer

  • Hybrid work and flexible working time
  • Company conditions for private medical insurance
  • Ticket Restaurant
  • Professional development opportunities: English/German courses, and further IT education/trainings
  • Day off on your Birthday
  • 23 days paid vacation
REWE digital - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

Access Management DevOps Engineer

8 matching positions

Senior DevOps Engineer (Identity & Access Management)

We are seeking a Senior DevOps Engineer to join our team and drive automation, r...
Location
Location
Poland
Salary
Salary:
Not provided
n-ix.com Logo
N-iX
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Computer Science, Electrical Engineering, Information Systems, Informatics, or equivalent
  • 5+ years of development experience focused on identity and access management systems
  • Proven experience in User Lifecycle Management (ULM), including onboarding, role changes, and offboarding of users across multiple systems (Active Directory, cloud platforms, internal applications)
  • Extensive hands-on experience with Active Directory, including: Domain controller maintenance, Group Policy Object (GPO) configuration and management, AD deployment and replication, Role-Based Access Control (RBAC) for users and groups
  • Strong understanding of DNS and basic networking concepts
  • Proficiency in PowerShell for automation and scripting within identity environments
  • Experience with additional programming languages and automation tools such as C#, .NET, Ansible, Python, Java, Go, Node.js, Terraform, Docker, etc.
  • Proven track record of developing scalable, maintainable, and secure software solutions with a focus on automating identity workflows
  • Understanding of infrastructure at scale, including load balancing, cloud environments, and certificate management
Job Responsibility
Job Responsibility
  • Design, develop, automate, and operate services and systems that manage the full lifecycle of user accounts across all infrastructure environments (User Lifecycle Management – Joiner, Mover, Leaver processes)
  • Implement identity and access management features such as JIT (Just-In-Time), JML (Joiner-Mover-Leaver), PIM (Privileged Identity Management), PAM (Privileged Access Management), and RBAC (Role-Based Access Control) in a robust and scalable manner
  • Partner cross-functionally with security, compliance, and engineering teams to build tooling that ensures all access activities are logged and properly audited
  • Constantly evaluate current trends in identity and access management and adopt new tools and features in a timely manner
  • Mentor junior engineers and help them grow their technical skills
  • Participate in an on-call rotation schedule
What we offer
What we offer
  • Flexible working format - remote, office-based or flexible
  • A competitive salary and good compensation package
  • Personalized career growth
  • Professional development tools (mentorship program, tech talks and trainings, centers of excellence, and more)
  • Active tech communities with regular knowledge sharing
  • Education reimbursement
  • Memorable anniversary presents
  • Corporate events and team buildings
  • Other location-specific benefits
Read More
Arrow Right

Senior Identity Access Management Engineer

Roku is seeking a senior-level Identity Engineer to enhance its Zero-Trust archi...
Location
Location
United States , Boston
Salary
Salary:
158000.00 - 279000.00 USD / Year
roku.com Logo
Roku
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 8+ years of hands-on experience with identity and access management and automating cloud technologies, particularly within the Microsoft ecosystem.
  • Strong analytical skills and attention to detail, with the ability to troubleshoot complex infrastructure and identity-related issues.
  • Excellent communication skills, with the ability to clearly explain technical concepts to both technical and non-technical stakeholders.
  • Deep experience with Microsoft Entra ID, including Conditional Access, Identity Governance, and Privileged Identity Management.
  • Familiarity with Microsoft 365 services: Exchange Online, Defender, Purview, Sentinel, Intune, and related platforms.
  • Automation and scripting skills using PowerShell, Azure CLI, and Microsoft Graph API
  • working knowledge of Azure services such as Function Apps and Logic Apps.
  • Experience in onboarding and managing enterprise applications in Azure Entra ID.
  • Advanced knowledge of Azure Single Sign-On (SSO) login methods, including OAuth2, OpenID Connect, and SAML, and their integration with enterprise applications.
  • Knowledge of privileged access tools (Azure PIM, CyberArk, etc), secrets management (HashiCorp or Azure Key Vault), and workload identity patterns SPIFEE & SPIRE.
Job Responsibility
Job Responsibility
  • Lead enterprise-wide IAM standardization, including identity lifecycle, access governance, and policy enforcement across global regions.
  • Drive automation across IAM to streamline administration and deliver a smoother user experience.
  • Support enterprise applications onboarding into Azure Entra ID, including SSO, Conditional Access, and role-based access control (RBAC).
  • Enhance privileged access management and implement scalable monitoring, alerting, and auditability solutions to support a secure, geographically distributed workforce.
  • Collaborate with IT, Networking, and Security teams to troubleshoot identity-related issues and support global infrastructure initiatives.
  • Advance Zero Trust Identity Fabric principles like continuous verification, least-privilege access, and identity-aware policy enforcement across users, devices, workloads, and non-human identities.
  • Build identity automation with a DevOps mindset, writing scripts, developing pipelines, and engineering tooling from scratch rather than just configuring them.
What we offer
What we offer
  • Health insurance
  • equity awards
  • life insurance
  • disability benefits
  • parental leave
  • wellness benefits
  • paid time off
  • global access to mental health and financial wellness support and resources
  • healthcare (medical, dental, and vision)
  • life
  • Fulltime
Read More
Arrow Right

Identity and Access Management Engineer

We are looking for an Identity and Access Management Engineer to support secure ...
Location
Location
United States , Silver Spring
Salary
Salary:
Not provided
https://www.roberthalf.com Logo
Robert Half
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Proven experience designing and supporting identity and access management solutions in complex enterprise environments
  • Strong knowledge of federation concepts and hands-on experience with OAuth 2.0, OpenID Connect, claims, and token-based authentication
  • Ability to develop process documentation and integration standards for onboarding enterprise applications
  • Experience improving identity lifecycle workflows, including user onboarding, role changes, and offboarding activities
  • Familiarity with access governance practices such as certification reviews, remediation tracking, and segregation of duties enforcement
  • Working knowledge of Active Directory-related technologies, including Group Policy Objects and enterprise access architecture
  • Understanding of supporting infrastructure domains such as server virtualization, enterprise storage, DevOps practices, and architecture standards
Job Responsibility
Job Responsibility
  • Architect and support identity federation integrations for enterprise platforms using modern authentication and authorization standards such as OAuth 2.0 and OpenID Connect
  • Establish and maintain trust relationships and secure sign-on configurations to ensure dependable access across connected applications
  • Create clear onboarding frameworks and technical documentation to streamline the integration of new business systems into the identity environment
  • Investigate and resolve complex authentication issues involving tokens, claims, and federated access flows
  • Drive improvements to joiner, mover, and leaver processes so that account provisioning and deprovisioning remain accurate and timely
  • Enhance access models and contribute to role engineering efforts that align user permissions with business responsibilities
  • Support access review activities by helping coordinate certification campaigns and tracking remediation work through completion
  • Reinforce segregation of duties controls and apply policy standards that reduce risk and strengthen governance
  • Collaborate with infrastructure and engineering teams on directory services, Group Policy Objects, virtualization, storage, and DevOps-related IAM dependencies
What we offer
What we offer
  • Medical insurance
  • Vision insurance
  • Dental insurance
  • Life insurance
  • Disability insurance
  • 401(k) plan
  • Free online training
  • Access to top jobs
  • Fulltime
Read More
Arrow Right

Access Management Engineer

We are looking for an experienced Access Management Engineer with strong experti...
Location
Location
United States , Santa Clara
Salary
Salary:
Not provided
techmahindra.com Logo
Tech Mahindra
Expiration Date
June 30, 2026
Flip Icon
Requirements
Requirements
  • Bachelor's or Higher Degree
  • Access Management
  • Total Experience: 5.00 to 7.00 Years
  • Keycloak Identity and Access Management (IDP) in production environments
  • Containerization using Docker
  • Integration with enterprise applications
  • SSO, SAML, OpenID Connect (OIDC), OAuth 2.0
  • Docker Compose/Kubernetes
  • Active Directory, LDAP, social logins
  • User realms, clients, roles, groups, fine grained authorization policies
Job Responsibility
Job Responsibility
  • Design, deploy, configure, and manage Keycloak IDP instances for enterprise scale identity and access management
  • Implement authentication flows including SSO, SAML, OpenID Connect (OIDC), OAuth 2.0, and custom user federation
  • Containerize and orchestrate Keycloak deployments using Docker (and Docker Compose/Kubernetes where applicable)
  • Integrate Keycloak with various applications, APIs, microservices, and identity providers (Active Directory, LDAP, social logins, etc.)
  • Manage user realms, clients, roles, groups, and fine grained authorization policies
  • Monitor, troubleshoot, and optimize Keycloak performance, security, and high availability setups
  • Implement security best practices, including certificate management, encryption, and compliance requirements
  • Collaborate with development, DevOps, and security teams to support identity related initiatives
  • Automate deployment and configuration processes for Keycloak environments
  • Fulltime
Read More
Arrow Right

Senior Customer Identity and Access Management Engineer

Are you passionate about securing digital identities and creating seamless user ...
Location
Location
Ireland , Dublin 2
Salary
Salary:
Not provided
bentley.com Logo
Bentley Systems
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • A minimum of 5 years of hands-on experience with the Ping Identity suite
  • Thorough understanding of Identity and Access Management (IAM) for both enterprise and customer-facing applications
  • Strong coding and scripting abilities (Java & TypeScript are preferred)
  • In-depth knowledge of OAuth, OIDC, and SAML
  • Knowledge of System for Cross-domain Identity Management (SCIM)
  • Experience with API configuration and deployment
  • Strong experience with Linux environments (navigating, tuning, etc.)
  • Excellent problem-solving and communication skills
Job Responsibility
Job Responsibility
  • Lead the management and administration of the full Ping Identity suite, including Ping Federate, Ping Access, Ping Directory, Ping Data Proxy, Ping Data Sync, and Ping Authorize
  • Architect and manage common Ping Components, such as IdP & SP adapters, selectors, authentication policies, and more
  • Deploy, configure, and troubleshoot modern authentication protocols, including OAuth, OIDC, and SAML, ensuring compliance with industry standards
  • Strengthen security by configuring and deploying Multi-Factor Authentication (MFA) solutions
  • Oversee the entire lifecycle of digital certificates
  • Develop and maintain clean, efficient, and well-documented code and scripts, with a preference for Java & TypeScript
  • Configure and deploy APIs to extend and integrate our CIAM solutions
  • Thrive in a DevOps model, contributing to our CI/CD pipelines and automation efforts
  • Operate within our cloud-based infrastructure, with a preference for AWS
  • Manage and maintain containerized environments
What we offer
What we offer
  • A great Team and culture
  • An exciting career as an integral part of a world-leading software company
  • An attractive salary and benefits package
  • A commitment to inclusion, belonging, and colleague well-being through global initiatives and resource groups
  • A company committed to making a real difference by advancing the world’s infrastructure for a better quality of life
Read More
Arrow Right

Senior Staff Identity and Access Management Engineer

GEICO is seeking an experienced Engineer with a passion for building high perfor...
Location
Location
United States , Chevy Chase; Palo Alto; Dallas; Seattle
Salary
Salary:
120000.00 - 260000.00 USD / Year
geico.com Logo
Geico
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ years of professional experience in technology or identity engineering
  • 8+ years of experience with security, identity, architecture, and design
  • 4+ years of experience with open-source frameworks is desired
  • 4+ years of experience with AWS, GCP, Azure, or another cloud service
  • 1+ years of people management experience
  • Bachelor’s degree in computer science, Information Systems, or equivalent education or work experience
  • Experience building the architecture and design (architecture, design patterns, reliability, and scaling) of new and current systems
  • Fluency in DevOps Concepts, Cloud Architecture, and the Software Development Lifecycle
  • Experience in security protocols and products: Understanding of Active Directory, Kerberos, LDAP, SAML, OAuth, and OIDC
  • Experience with continuous delivery and infrastructure as code
Job Responsibility
Job Responsibility
  • Lead execution and adoption of modern authentication and authorization mechanisms (SAML, OIDC/OAUTH2)
  • Engage peers and leaders at all levels
  • Consistently share best practices and improve processes within and across teams
  • Determine and support resource requirements, evaluate operational processes, measure outcomes to ensure desired results, and demonstrate adaptability and sponsoring continuous learning
  • Own the complete project lifecycle for application integrations of both on-premises and SaaS applications with our IGA platform
  • Collaborate with application team to implement tokenization solutions that reduce sensitive data exposure, thereby enhancing data security and minimizing the risk of unauthorized access
  • Stay at the forefront of emerging identity trends, technologies, and best practices, and apply this knowledge to enhance GEICO’s data protection strategies
  • Provide technical guidance and mentorship to the team, fostering a culture of innovation, collaboration, and continuous improvements
  • Collaborate with cross-functional teams, including security, compliance, and application teams to ensure the seamless integration and alignment of solutions with organizational goals
  • Build resilient and scalable architecture, driving innovation and cost efficiency
What we offer
What we offer
  • Comprehensive Total Rewards program that offers personalized coverage tailor-made for you and your family’s overall well-being
  • Financial benefits including market-competitive compensation
  • a 401K savings plan vested from day one that offers a 6% match
  • performance and recognition-based incentives
  • and tuition assistance
  • Access to additional benefits like mental healthcare as well as fertility and adoption assistance
  • Supports flexibility- We provide workplace flexibility as well as our GEICO Flex program, which offers the ability to work from anywhere in the US for up to four weeks per year
  • Fulltime
Read More
Arrow Right

Senior Software Engineer – Identity & Access Management (IAM)

Location
Location
United States
Salary
Salary:
Not provided
redhibbert.com Logo
Red Hibbert Group
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Computer Science, IT, or related field
  • 7+ years of experience in Identity & Access Management or IT Security
  • Strong expertise in Azure Active Directory (Microsoft Entra ID)
  • Experience with Conditional Access, MFA, PIM, and Identity Protection
  • Experience with SSO protocols: SAML, OAuth 2.0, OpenID Connect
  • Familiarity with PowerShell scripting
  • Experience working in enterprise IT environments
  • Strong communication and collaboration skills
Job Responsibility
Job Responsibility
  • Lead enterprise-level Azure Active Directory (Microsoft Entra ID) operations
  • Design and manage Conditional Access policies, MFA, and passwordless authentication
  • Manage identity lifecycle (user, group, role provisioning and governance)
  • Implement Privileged Identity Management (PIM) and access governance
  • Support and troubleshoot SSO integrations (SAML, OAuth2, OpenID Connect)
  • Monitor identity security signals, risky sign-ins, and audit logs
  • Perform root cause analysis for IAM-related incidents
  • Collaborate with security, DevOps, and application teams
  • Mentor junior engineers and define operational best practices
  • Maintain documentation, SOPs, SLAs, and KPIs
  • Fulltime
Read More
Arrow Right
New

Senior Staff DevOps Engineer (Secure Cloud Access)

As part of your role, you will design, implement, and deploy products and infras...
Location
Location
Israel , Southern District
Salary
Salary:
Not provided
paloaltonetworks.it Logo
Palo Alto Networks Italia
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 4+ years of experience as a DevOps engineer or Site Reliability Engineer
  • Deep knowledge and experience in cloud infrastructure such as AWS, Azure, or Google Cloud
  • Strong hands-on experience operating production workloads on AWS, with an emphasis on serverless systems (Lambda, DynamoDB, OpenSearch, S3, API Gateway, EventBridge, SQS/SNS, CloudFront, IAM, and CloudWatch)
  • Experience with Infrastructure as Code (IaC) tools such as Terraform, AWS CDK, or CloudFormation
  • Experience with containerization and orchestration technologies like Docker, Kubernetes, or ECS/ECR
  • Experience with CI/CD tools and configuration management systems like Jenkins, Git, or Ansible
  • Practical experience with high-availability design, disaster recovery planning, backups, restores, and rollbacks across multiple AWS regions
  • Proficiency in scripting with Bash and Python
  • Experience with end-to-end system ownership, including on-call participation, incident response, and root-cause analysis
  • Fluent in English with strong writing skills
Job Responsibility
Job Responsibility
  • Design and manage Continuous Integration/Deployment Services, including build, packaging, and deployment
  • Design, document, implement, and maintain scripts to enhance current and future build and release processes
  • Incorporate new development projects into existing build structures
  • Continually evaluate tools and technologies to improve the overall release process
  • Fulltime
Read More
Arrow Right