Senior Identity & Access Management (IAM) Consultant
Location: Madrid, Barcelona, or remote within Spain.
Responsibilities
* Architect modern authentication solutions for web, mobile, and native applications.
* Govern OAuth2.0 and OpenIDConnect flows, including PKCE, token lifecycles, and rotation strategies.
* Lead the design and strategy for Passkeys (WebAuthn) and passwordless authentication to eliminate credential‑based risks.
* Serve as subject‑matter expert for the PingIdentity suite (PingAM, PingIDM, PingDirectory), building scalable identity solutions.
* Integrate identity services into cloud‑native environments (AWS, Azure, GCP) and microservices architectures, applying hardening and risk mitigation best practices.
Qualifications
* Proven experience in IAM architecture, translating complex security requirements into scalable designs.
* Deep protocol knowledge of OAuth2.0, OIDC1.0, and modern authentication patterns.
* Hands‑on experience with Passkeys/WebAuthn and a clear understanding of underlying security mechanics.
* Advanced experience configuring and deploying PingAM, PingIDM, PingDS (formerly ForgeRock) in enterprise environments.
* Strong grasp of cloud security, Kubernetes (EKS), and security hardening within CI/CD pipelines.
* Bonus: Familiarity with eIDAS, PSD2/SCA, MFA orchestration, and B2C/B2B identity lifecycles.
Benefits
* 30 days of vacation plus public holidays.
* Flexible work schedule and option to work from home.
* Company‑provided mobile phone and high‑quality equipment of choice.
* Structured onboarding program and ongoing training.
* Personal coach, language training, food vouchers, health insurance, employee discounts.
* Flat hierarchies, short decision paths, high personal responsibility.
Diversity & EEO Statement
We welcome applications from all genders, ages, origins, religions, beliefs, disabilities, sexual identities, and other protected characteristics. All hiring decisions are based solely on qualifications and suitability.
#J-18808-Ljbffr