Platform Security Engineer and IAM (all genders) WFOH1_DE

About Us

We are among the top addresses in the IT world, focusing on optimizing our clients' core business processes. Our success is achieved through one thing: the people at adesso! With us, people bring ideas and technologies together, and therefore we foster the personal development of our employees. Because when they get better, we get even better.

As part of the adesso group, Afida GmbH offers insurers a cloud-based platform for the cost-effective and structured management of existing contracts in the life insurance and pension business. Afida thus enables insurers, especially those with run-off portfolios, to manage contracts end-to-end. In addition to the life insurance sector, the business model also includes Software as a Service solutions for the P&C insurance business.

Responsibilities

YOUR ROLE

• IAM Ownership & Platform Responsibility: You will take technical responsibility for our IAM landscape based on Okta and ConductorOne and develop it further operationally and architecturally.
• Role & Tenant Structures: You will model and operate complex role and tenant structures using Terraform and ensure a clean, traceable mapping in the infrastructure.
• Identity Integration in Cloud and Platforms: You will implement OIDC-based authentication mechanisms in AWS services and Kubernetes workloads and integrate them in a standardized way into our platform.
• Securing Service Communication: You will be responsible for the technical security of internal service communication within Kubernetes (including token validation, proxy mechanisms, gateway structures).
• Infrastructure as Code: You will consistently develop our IAM and security components further with Terraform and ensure maintainable, scalable structures.
• Stability & Scalability: You will ensure that our identity systems remain technically stable, performant, and future-proof.

Profile

YOUR PROFILE

• Experience in IAM & Cloud Security: You have several years of practical experience in engineering IAM and cloud security solutions.
• Authentication and OIDC Expertise: You have a very good understanding of OIDC, JWT, and token-based authentication in distributed systems.
• Role and Rights Models: You have experience in designing and operating complex role and authorization models in multi-tenant environments.
• Infrastructure-as-Code: You have sound knowledge of Terraform and use Infrastructure-as-Code routinely.
• Kubernetes & Helm: You have practical experience with Kubernetes (including Helm) and in securing containerized workloads.
• Language Skills: You have very good German language skills (at least C1 level).

We Offer

• Stay Healthy and Fit: We support the health of our adessi with sports subsidies such as discounted fitness memberships, coverage of court rental fees for badminton, padel tennis, or soccer, and regular preventive check-ups.
• Find Your Work-Life Balance: Our time-out program and flexible working models help you to optimally balance your professional and private life.
• Time for Family: Our goal is to unite the two worlds – family and work life. To achieve this, we support our adessi as best as possible with numerous offers, such as holiday childcare, kindergarten cooperations, parent-child offices, or events where the whole family is welcome.
• Learn and Grow with Us: With over 400 training opportunities and our digital learning platform, we support your continuous development.
• Experience Real Team Spirit: Joint events, welcome days, company runs, or the buddy system strengthen our cohesion and allow you to be part of the team from the very beginning.
• Engagement That is Rewarded: Your commitment pays off – with bonuses for recommendations, presentations, supervision of theses, as well as attractive discounts through our corporate benefits portal.
• Be Mobile and Flexible: JobRad offers, subsidies for the Deutschlandticket, and the option to work remotely from EU countries for up to two months offer you maximum flexibility.
• Secure Your Future: Our in-house, independent insurance advisor and broker alleato always has individual solutions for your retirement provision or health insurance ready for you.