Skip to content
mimi
All jobs · Security Engineer jobs

CIAM Security Engineer

Acquism SARL

Zürich · On-site Contract Yesterday
Apply with a tailored resume Save job

About the role

Role Overview

We are looking for a highly skilled CIAM Security Engineer with strong expertise in Nevis Security Suite, modern authentication protocols, and web application security. The ideal candidate will support the design, deployment, and continuous improvement of SIX’s mission‑critical customer identity and access management landscape.

Location: Zurich, Switzerland
Experience: 4+ years
Pay Rate: TBN
Start Date: ASAP
Contract: 6 months to 1 year (can be renewable)

Core Technical Competencies

1. Nevis Security Suite (Mandatory)

  • Hands‑on experience with:
    • nevisProxy, nevisAuth, nevisAdmin, NevisMeta, NevisIDM, NevisDataporter
  • Understanding of Nevis architecture, cluster setups, integration patterns, and troubleshooting
  • Ability to design, configure, and optimize authentication, authorization, and federation flows

2. Web Application Firewall (WAF)

  • Experience with:
    • ModSecurity
    • OWASP Core Rule Set (CRS)
  • WAF policy tuning, anomaly scoring, false‑positive mitigation
  • Integration with reverse proxies and CIAM components

3. Identity & Access Management

  • Identity lifecycle and governance
  • Access policies, roles, and entitlements
  • Authentication and authorization best practices
  • Integration with enterprise applications and APIs

4. Reverse Proxy Technologies

  • Reverse proxy design and configuration
  • Load balancing concepts
  • SSL/TLS termination
  • Traffic routing, URL rewriting, application publishing

5. Federated Identity Protocols

  • OIDC (OpenID Connect)
    • Authorization Code Flow
    • Implicit Flow
    • PKCE
    • Token lifecycle and introspection
  • SAML 2.0
    • SP‑initiated and IdP‑initiated flows
    • Assertion handling, signing, encryption
    • Metadata management

Nice‑to‑Have Skills

  • CIAM / IAM / WAF tools:
    • Ping Identity, ForgeRock, Okta, Keycloak, Auth0, Azure AD B2C
    • F5 ASM / ADV WAF, Imperva, Barracuda, Akamai Kona
  • Containerization: OpenShift, Kubernetes
  • Monitoring tools: Splunk, ELK, Grafana
  • Scripting: Python, Bash, Ansible

Desired Competencies

  • Agile Way of Working
  • Cyber Security
  • Okta
  • ForgeRock Access Management
  • Microsoft Identity & Access Management
  • IAM Implementation, Design & Architecture

Skills

AnsibleAzure AD B2CBashCIAMDockerELKF5 ASMForgeRockGrafanaImpervaKubernetesKeycloakMicrosoft Identity & Access ManagementModSecurityNevisAdminNevisAuthNevisDataporterNevisIDMNevisMetaNevisProxyNevis Security SuiteOktaOpenShiftOpenID ConnectOWASP Core Rule SetPing IdentityPythonSAML 2.0Splunk

Similar roles

Senior Compute Engineer (m/w/d) - Schwerpunkt Red Hat OpenShift

Stefanini Group

Senior Qualys Vulnerability Management Engineer

Prolim Global

Senior DevSecOps Engineer

SG2 Recruiting

$190k – $230k/yr

Don't send a generic resume

Paste this job description into Mimi and get a resume tailored to exactly what the hiring team is looking for.

Get started free