IAM SSO engineer

Welcome to Digital Solutions SA!

Founded in 2016 and located in the heart of the Jura, in Porrentruy, Digital Solutions SA helps companies and institutions face digital challenges through the integration of new technologies.

As an IT integrator and service provider, we help our customers to innovate and develop their new digital products.

We’re already present in Porrentruy, Basel, Lausanne, Geneva, Martigny and soon in Fribourg, Bern, Zurich and Delémont.

Combining agility, innovation and performance, we provide a team of highly qualified engineers tailored to the specific needs of each of our customers and prospects.

We are working on three areas:

1. Integration and innovation
2. Software development
3. Robotic Process Automation

PROFILE: IAM SSO engineer

• Contract type: service rental
• Occupancy rate: full-time
• Duration: indefinite
• Desired start date: January 2024

YOUR MISSIONS :

• Support IT projects in implementing identity federation standards (mainly SAML, OAuth2, OpenID Connect)
  • Processing of identity federation configuration requests (SAML federation, OAuth2/OIDC client declarations, etc.).
  • Analysis of problems encountered by development teams
  • Drafting of technical documentation for target audience (mainly architects and developers)
  • Participation in the design of training materials
• Implement upgrades to the service’s technical components
  • Implementation of technical upgrades to SSO components (evolutionary maintenance, corrective maintenance and obsolescence management)
  • Participation in test phases and handling of anomalies
  • Participate in systematic code reviews
• Supporter techniquement le run des services SSO & fédération d’identité
  • Play the role of expert in cooperation with operating teams and the service manager
  • Participation in the processing of complex level 2 and 3 support requests
  • Diagnosis and resolution of incidents related to SSO components
  • Maintain the safety level of technical components
• Participate in projects and technical studies carried out by GAI in conjunction with the department’s components
• Participate in the continuous improvement of service components. Make suggestions to improve team organization, etc.
• Support architects in charge of IT applications to determine the IAM integration solution best suited to their needs (SAML, OAuth2/OIDC, LDAP, etc.).

QUALIFICATIONS :

• Sense of service, responsibility and communication
• Ability to develop skills across a broad technical field
• Perfect command of French, good command of English
• Excellent oral and written expression
• Ability to show initiative, flexibility and resistance to stress
• Ability to work in a team and share knowledge

TRAININGS :

• HES diploma or bachelor’s degree in computer science or EPF engineering diploma or federal diploma.

SKILLS :

Core competencies

• Excellent command of IAM concepts (RBAC authentication and access management, directories and digital identities, ABAC concepts)
• Excellent command of SAML, OAuth2 and OpenID-Connect identity federation protocols
• Good command of technical architectures in general and web solutions in particular
• Good command of the Java programming language in a server environment
• Good knowledge of Unix/Linux and Windows server environments

Additional skills

• Good command of LDAP and Microsoft Active Directory
• Good understanding of web security frameworks and API security, particularly in Single-Page Application (SPA) environments
• Good understanding of access control mechanisms on a web reverse-proxy (F5 Big-IP LTM+APM or Apache RP)
• Mastery of technologies for formalizing requirements and modeling the organization of IAM exchange flows in architectures
• Good awareness of software quality, and in particular the implementation of unit, integration, performance and security tests
• Successful experience in one or more of the following areas:
  • Administration of a market SSO server (OpenAM, KeyCloak, Okta, PingOne)
  • Project implementation in Platforms-as-a-Service (preferably OpenShift or Docker) or Azure Active Directory environments
  • LDAP directory administration (Novell e-Directory Services, OpenLDAP, OpenDS)
  • Implementation of an IAM project using one of the following protocols: Radius, OATH, MS-OFBA, SCIM
• Experience with the main encryption/signature algorithms (PKI, certificate stores)
• Good knowledge of web application servers (JBoss, Tomcat, Apache PHP in particular)
• Proficiency in Archimate modeling language and associated tools (Archi, iServer)
• Successful experience in a large private or public company environment