Security Solutions Architect, IAM, Flutter Functions
Cluj-Napoca, Cluj County, Romania
Full Time
5 hours ago
No Sponsorship
Key skills
AnsibleAWSAzureCloudDockerFlutterGoogle Cloud PlatformKubernetesMicroservicesTerraformGCPGoogle CloudIAMAPI GatewayOAuthSAMLLDAPSSOSingle Sign-OnCommunicationCollaborationZero Trust
About this role
Role Overview
- Support the IAM architectural roadmap, working with security and enterprise architecture to maintain alignment to the broader enterprise security and technology strategies.
- Design end-to-end IAM solutions covering identity governance and administration (IGA), privileged access management (PAM) and access management.
- Establish and maintain architecture patterns, standards, and reference designs for IAM across cloud, hybrid, and on-premises environments.
- Architect and oversee the implementation of authentication protocols including OAuth 2.0, OpenID Connect (OIDC), SAML 2.0, and FIDO2/WebAuthn.
- Drive the adoption of multi-factor authentication (MFA), single sign-on (SSO), and password-less authentication capabilities, enhancing and extending the conditional access implementation.
- Collaborate with peer functions such as Workplace Technology, Enterprise Architecture, Security Architecture as and when required.
- Engage with relevant teams to ensure IAM solutions comply with relevant regulatory and control frameworks (including GDPR, SOX, PCI-DSS, NIST, and ISO 27001).
- Support the analysis & delivery of role-based access control (RBAC), attribute-based access control (ABAC), and entitlement management frameworks.
- Support audit and assurance activities, producing architectural documentation and evidence as required.
- Act as the subject matter expert (SME) for IAM solutions, advising stakeholders and product teams on identity-related risks, capabilities, and mitigations.
- Bring a “customer first” mindset to ensure that user experience remains a priority in the delivery of IAM services.
- Evaluate and support recommendations for IAM vendor solutions and tooling, contributing to procurement and commercial decisions.
- Act as a coach or mentor to junior colleagues to further IAM within Flutter
Requirements
- An understanding of federation protocols: SAML 2.0, OAuth 2.0, OIDC, SCIM, LDAP, Kerberos.
- Strong understanding of zero trust network access (ZTNA) and its application to identity architectures.
- Experience designing IAM solutions across multi-cloud environments (AWS, Azure, GCP).
- An understanding of API security patterns, including OAuth token management and API gateway integration.
- Familiarity with Infrastructure as Code (IaC) tooling (e.g., Terraform, Ansible) as applied to identity configuration.
- An understanding of PKI, certificate lifecycle management, and secrets management best practices.
- Architecture experience
- ideally with a grounding in a recognised framework such as TOGAF, SABSA, or Zachman.
- Demonstrable experience working within complex, large-scale enterprise environments with diverse technology stacks.
- Strong understanding of cloud-native architecture patterns, microservices, and containerisation (Kubernetes, Docker).
- Degree in Computer Science, Information Security, or a related discipline
- or equivalent demonstrable experience.
- 7+ years in identity and access management or information security roles, with at least 3 years in an architectural or engineering capacity.
- Relevant professional certifications such as: Certified Information Systems Security Professional (CISSP) or The Open Group Architecture Framework (TOGAF).
- Experience in regulated industries (financial services, gaming, healthcare).
- Strategic thinking
- ability to connect IAM decisions to broader business and security outcomes.
- Communication
- capable of conveying complex technical concepts clearly to both technical and non-technical audiences.
- Ownership
- takes accountability for architectural decisions and their outcomes.
- Collaboration
- builds effective working relationships across security, engineering, product, and compliance teams.
- Continuous learning – curiosity to remain current with in the rapidly evolving identity governance and threat landscape ecosystem.
Tech Stack
- Ansible
- AWS
- Azure
- Cloud
- Docker
- Flutter
- Google Cloud Platform
- Kubernetes
- Microservices
- Terraform
Benefits
- Hybrid & remote working options
- €1,000 per year for self-development
- Company share scheme
- 25 days of annual leave per year
- 20 days per year to work abroad
- 5 personal days/year
- Flexible benefits: travel, sports, hobbies
- Extended health, dental and travel insurances
- Customized well-being programmes
- Career growth sessions
- Thousands of online courses through Udemy
- A variety of engaging office events