IAM Solution Architect (Cloud / Access Management)
Rijkswaterstaat has a versatile and extensive application landscape in which the correct and secure use of identities and authorizations is a precondition for the smooth running of user processes. Finding the optimal balance between safety and efficiency is the goal for RWS. As an IAM Solution Architect you are our expert who optimizes this balance for RWS.
The CIV (Central Information Provision) department provides the various domains (roads, water) within Rijkswaterstaat with centralized ICT solutions that support and carry out the core tasks of the organization. Rijkswaterstaat is investing in its Identity & Access Management program to further develop central IAM solutions for the employee domain (B2E), partners (B2B) and for the user / citizen (B2C). Think of challenges such as improving the central authorization server for the API landscape to enable the growth of the data-driven organization, and expanding identity management and federation with, among others, Microsoft Azure AD and other COTS IAM solutions to realize the ambitions for the RWS Cloud Workplace and the RWS Virtual DataCenter. As an IAM Solution Architect, do you get excited about making a defining contribution to this? Then we would like to get in touch with you!
About the role
As an IAM Solution Architect you are responsible for:
- Mapping out the requirements of our customer regarding identity and access management and translating this into a solution design for IAM solutions.
- You know how to provide clarity for the architecture board, the customer and your team through the starting architecture you write.
- You start with a high-level architecture and you know how to deepen this step by step so that an Agile way of working is possible.
- Your design is well coordinated with the IAM domain architect and therefore also fits well with the IAM target architecture and the enterprise (digital) architecture of the organization.
- You facilitate an effective dialogue with the customer and Product Owner IAM about customer wishes and functionalities and you work this out together with the IAM technical specialists in the Scrum team into a well-documented solution design.
- Together with architecture, security and other governance parties, you also ensure that safety and privacy are properly safeguarded and (BIO) compliant solutions are provided.
- You know how to translate functional questions into working solutions in an extensive and complex data center environment such as Rijkswaterstaat.
- You know how to map dependencies well and to specify their required contribution.
- In this way you contribute to ensuring that all data processed in Rijkswaterstaat’s business processes is safe and controlled.
Who we’re looking for
You have the following background
• HBO / WO level;
• Knowledge of and experience with IAM implementations for B2E (workforce / extended workforce), B2B or B2C with proven results;
• You have experience with concepts such as Enterprise SSO, Open API, Cloud hosting infrastructure, Privileged Access Management, Identity Governance;
• You know how to interpret and apply policy, frameworks and guidelines (such as BIO, NORA, organizational policy);
• You find a challenge in continuous learning and pass on your knowledge so that the knowledge level increases and we can be “ahead of change” as a team in the field of IAM;
• You have experience with the Scrum method and how Agile architecture is applied in a scaled context (for example with SAFe).
You recognize yourself in the following technical skills
• Experience with products such as Microsoft Azure AD in hybrid format and Access Management products such as ForgeRock, Okta or Ping;
• Knowledge and implementation experience with the usual IAM protocols for authentication, authorization, user provisioning and single sign-on, such as OAuth, OpenID Connect, SAML, Bearer Token, Kerberos/NTLM, LDAP authentication, SCIM;
• Knowledge of (Azure) Active Directory, including understanding AD forest, trusts, GPO, etc.;
• Knowledge of IAM related technologies such as (Virtual) Directory Service, Azure Platform (Hosting, AAD, etc.), federations, multi-factor authentication, PIM;
• Knowledge of integrations and frequently used application interfaces such as REST APIs, Web Services, JSON;
• Knowledge of user management / SSO modules in enterprise / cloud applications (e.g. FlexNetManager, Jira, TopDesk, Facilitor, SAP, etc.) is a plus.
You are a team player who plays a constructive and decisive role
You speak and write Dutch and English fluently
You understand that the customer comes first and act accordingly
You are flexible with regard to tasks and assignments, but you coordinate priorities well
You like a new challenge and feel like a fish in water in an environment that offers many different challenges
The team / organization context
You contribute to challenging IAM projects in one of the largest and most complex ICT organizations within the Dutch Government
You work in a high-tech environment with a focus on knowledge and quality
You work in a team with an open no-nonsense culture with a lot of room for own initiative within the enterprise government context of Rijkswaterstaat